Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-25136
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address...
Openbsd Openssh 9.1
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Netapp Ontap Select Deploy Administration Utility -
Netapp A250 Firmware -
Netapp 500f Firmware -
Netapp C250 Firmware -
10 Github repositories
7.5
CVSSv3
CVE-2022-27881
engine.c in slaacd in OpenBSD 6.9 and 7.0 prior to 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation.
Openbsd Openbsd 7.0
Openbsd Openbsd 6.9
7.5
CVSSv3
CVE-2022-27882
slaacd in OpenBSD 6.9 and 7.0 prior to 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation.
Openbsd Openbsd 6.9
Openbsd Openbsd 7.0
3.7
CVSSv3
CVE-2021-36368
An issue exists in OpenSSH prior to 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO au...
Openbsd Openssh
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8 Github repositories
7
CVSSv3
CVE-2021-41617
sshd in OpenSSH 6.2 up to and including 8.x prior to 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run w...
Openbsd Openssh
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Aff A250 Firmware -
Netapp Aff 500f Firmware -
Oracle Http Server 12.2.1.2.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Starwindsoftware Starwind Virtual San V8r13
5 Github repositories
5.5
CVSSv3
CVE-2021-41581
x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL up to and including 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks '\0' termination.
Openbsd Libressl
5.3
CVSSv3
CVE-2016-20012
OpenSSH up to and including 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be va...
Openbsd Openssh
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
4 Github repositories
7.1
CVSSv3
CVE-2019-25048
LibreSSL 2.9.1 up to and including 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print).
Openbsd Libressl
7.1
CVSSv3
CVE-2019-25049
LibreSSL 2.9.1 up to and including 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx).
Openbsd Libressl
7.5
CVSSv3
CVE-2010-4816
It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.
Openbsd Openbsd 4.6
Openbsd Openbsd 4.9
Openbsd Openbsd 6.3
Openbsd Openbsd 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »