Vulnerabilities > Openbsd

DATE CVE VULNERABILITY TITLE RISK
2020-07-28 CVE-2020-16088 Authorization Bypass Through User-Controlled KEY vulnerability in Openbsd
iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches.
network
low complexity
openbsd CWE-639
7.5
2020-07-24 CVE-2020-15778 OS Command Injection vulnerability in Openbsd Openssh
scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument.
network
openbsd CWE-78
6.8
2020-06-29 CVE-2020-14145 Information Exposure vulnerability in Openbsd Openssh
The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an information leak in the algorithm negotiation.
network
openbsd CWE-200
4.3
2020-06-01 CVE-2020-12062 Improper Input Validation vulnerability in Openbsd Openssh 8.2
** DISPUTED ** The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the remote server.
network
low complexity
openbsd CWE-20
5.0
2020-02-12 CVE-2011-3336 Resource Exhaustion vulnerability in multiple products
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
network
low complexity
php apple freebsd openbsd CWE-400
7.8
2020-01-29 CVE-2020-7247 Unchecked Return Value vulnerability in multiple products
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field.
network
low complexity
openbsd debian CWE-252
critical
10.0
2020-01-23 CVE-2015-5333 Resource Exhaustion vulnerability in multiple products
Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.
network
low complexity
openbsd opensuse CWE-400
5.0
2020-01-23 CVE-2015-5334 Out-Of-Bounds Write vulnerability in multiple products
Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certificate, which triggers a stack-based buffer overflow.
network
low complexity
openbsd opensuse CWE-787
7.5
2019-12-30 CVE-2012-5663 Incomplete Cleanup vulnerability in Openbsd Textproc/Isearch
The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp).
network
low complexity
openbsd CWE-459
5.0
2019-12-12 CVE-2019-19726 Improper Privilege Management vulnerability in Openbsd
OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit.
local
low complexity
openbsd CWE-269
7.2