Vulnerabilities > Openbsd

DATE CVE VULNERABILITY TITLE RISK
2022-03-25 CVE-2022-27881 Classic Buffer Overflow vulnerability in Openbsd 6.9/7.0
engine.c in slaacd in OpenBSD 6.9 and 7.0 before 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers.
network
low complexity
openbsd CWE-120
5.0
2022-03-25 CVE-2022-27882 Incorrect Conversion between Numeric Types vulnerability in Openbsd 6.9/7.0
slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement.
network
low complexity
openbsd CWE-681
5.0
2022-03-13 CVE-2021-36368 Improper Authentication vulnerability in multiple products
** DISPUTED ** An issue was discovered in OpenSSH before 8.9.
network
high complexity
openbsd debian CWE-287
2.6
2021-09-26 CVE-2021-41617 Improper Privilege Management vulnerability in multiple products
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected.
4.4
2021-09-24 CVE-2021-41581 Out-of-bounds Read vulnerability in Openbsd Libressl
x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read.
network
openbsd CWE-125
4.3
2021-09-15 CVE-2016-20012 ** DISPUTED ** OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct.
network
openbsd netapp
4.3
2021-07-01 CVE-2019-25048 Out-of-bounds Read vulnerability in Openbsd Libressl
LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print).
network
openbsd CWE-125
5.8
2021-07-01 CVE-2019-25049 Out-of-bounds Read vulnerability in Openbsd Libressl
LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx).
network
openbsd CWE-125
5.8
2021-06-22 CVE-2010-4816 NULL Pointer Dereference vulnerability in Openbsd
It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.
network
low complexity
openbsd CWE-476
5.0
2021-05-11 CVE-2020-26142 Injection vulnerability in Openbsd 6.6
An issue was discovered in the kernel in OpenBSD 6.6.
network
high complexity
openbsd CWE-74
2.6