Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2020-26142
An issue exists in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
Openbsd Openbsd 6.6
4.6
CVSSv2
CVE-2021-28041
ssh-agent in OpenSSH prior to 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
Openbsd Openssh
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Backup -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Compute Node Firmware -
Netapp Hci Storage Node Firmware -
Oracle Zfs Storage Appliance 8.8
Oracle Communications Offline Mediation Controller 12.0.0.3.0
2 Github repositories
7.5
CVSSv2
CVE-2020-16088
iked in OpenIKED, as used in OpenBSD up to and including 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches.
Openbsd Openbsd
6.8
CVSSv2
CVE-2020-15778
scp in OpenSSH up to and including 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfe...
Openbsd Openssh 8.3
Openbsd Openssh
Netapp A700s Firmware -
Netapp Steelstore Cloud Integrated Storage -
Netapp Active Iq Unified Manager
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Compute Node -
Broadcom Fabric Operating System -
9 Github repositories
4.3
CVSSv2
CVE-2020-14145
The client side in OpenSSH 5.7 up to and including 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle malicious users to target initial connection attempts (where no host key for the server has been cached ...
Openbsd Openssh 8.4
Openbsd Openssh
Openbsd Openssh 8.5
Openbsd Openssh 8.6
Netapp Aff A700s Firmware -
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Compute Node -
1 Github repository
5
CVSSv2
CVE-2020-12062
The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirec...
Openbsd Openssh 8.2
6.5
CVSSv2
CVE-2020-10030
An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0. It allows an attacker (with enough privileges to change the system's hostname) to cause disclosure of uninitialized memory content via a stack-based out-of-bounds read. It only occurs on systems wh...
Powerdns Recursor
7.8
CVSSv2
CVE-2011-3336
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
Php Php
Apple Mac Os X
Freebsd Freebsd 8.2
Openbsd Openbsd 5.0
1 EDB exploit
10
CVSSv2
CVE-2020-7247
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote malicious users to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncomm...
Openbsd Opensmtpd 6.6
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
9 Github repositories
1 Article
5
CVSSv2
CVE-2015-5333
Memory leak in the OBJ_obj2txt function in LibreSSL prior to 2.3.1 allows remote malicious users to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.
Openbsd Libressl
Opensuse Opensuse 13.2
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »