Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0542
mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
Openbsd Openbsd 3.0
Openbsd Openbsd 2.9
1 EDB exploit
7.5
CVSSv3
CVE-2022-27881
engine.c in slaacd in OpenBSD 6.9 and 7.0 prior to 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation.
Openbsd Openbsd 7.0
Openbsd Openbsd 6.9
7.5
CVSSv3
CVE-2022-27882
slaacd in OpenBSD 6.9 and 7.0 prior to 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation.
Openbsd Openbsd 6.9
Openbsd Openbsd 7.0
NA
CVE-2001-0053
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote malicious users to gain root privileges.
David Madore Ftpd-bsd 0.2.3
Openbsd Openbsd 2.6
Openbsd Openbsd 2.7
Netbsd Netbsd 1.4.2
Netbsd Netbsd 1.5
Openbsd Openbsd 2.4
Openbsd Openbsd 2.5
Netbsd Netbsd 1.4
Netbsd Netbsd 1.4.1
Openbsd Openbsd 2.8
2 EDB exploits
NA
CVE-2001-1459
OpenSSH 2.9 and previous versions does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d.
Openbsd Openssh 2.3
Openbsd Openssh 2.5
Openbsd Openssh 2.5.1
Openbsd Openssh 2.5.2
Openbsd Openssh 2.1.1
Openbsd Openssh 2.2
Openbsd Openssh 2.1
Openbsd Openssh 2.9
NA
CVE-2014-2653
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and previous versions allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
Openbsd Openssh 6.4
Openbsd Openssh 6.3
Openbsd Openssh 6.5
Openbsd Openssh 6.2
Openbsd Openssh 6.1
Openbsd Openssh 6.0
Openbsd Openssh
7.8
CVSSv3
CVE-2023-29323
ascii_load_sockaddr in smtpd in OpenBSD prior to 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable prior to 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address.
Openbsd Openbsd 7.2
Opensmtpd Opensmtpd
Openbsd Openbsd 7.1
5.3
CVSSv3
CVE-2022-48437
An issue exists in x509/x509_verify.c in LibreSSL prior to 3.6.1, and in OpenBSD prior to 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there...
Openbsd Openbsd
Openbsd Libressl
9.8
CVSSv3
CVE-2021-46880
x509/x509_verify.c in LibreSSL prior to 3.4.2, and OpenBSD prior to 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.
Openbsd Openbsd
Openbsd Libressl
NA
CVE-2000-0751
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote malicious users to execute arbitrary commands.
Openbsd Openbsd 2.7
Redhat Linux 6.1
Redhat Linux 6.2
Netbsd Netbsd 1.4.1
Netbsd Netbsd 1.4.2
Openbsd Openbsd 2.4
Openbsd Openbsd 2.5
Openbsd Openbsd 2.6
Redhat Linux 6.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »