Vulnerabilities > Openbsd
|2021-07-01||CVE-2019-25048|| Out-Of-Bounds Read vulnerability in Openbsd Libressl |
LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print).
| 5.8 |
|2021-07-01||CVE-2019-25049|| Out-Of-Bounds Read vulnerability in Openbsd Libressl |
LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1_item_print_ctx (called from asn1_template_print_ctx).
| 5.8 |
|2021-06-22||CVE-2010-4816|| Null Pointer Dereference vulnerability in Openbsd |
It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.
| 5.0 |
|2021-05-11||CVE-2020-26142|| Injection vulnerability in Openbsd 6.6 |
An issue was discovered in the kernel in OpenBSD 6.6.
| 5.0 |
|2021-03-05||CVE-2021-28041|| Double Free vulnerability in multiple products |
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
| 4.6 |
|2020-07-28||CVE-2020-16088|| Authorization Bypass Through User-Controlled KEY vulnerability in Openbsd |
iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches.
| 7.5 |
|2020-07-24||CVE-2020-15778|| OS Command Injection vulnerability in multiple products |
** DISPUTED ** scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument.
| 6.8 |
|2020-06-29||CVE-2020-14145|| Information Exposure vulnerability in multiple products |
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation.
| 4.3 |
|2020-06-01||CVE-2020-12062|| Improper Input Validation vulnerability in Openbsd Openssh 8.2 |
** DISPUTED ** The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the remote server.
| 5.0 |
|2020-02-12||CVE-2011-3336|| Resource Exhaustion vulnerability in multiple products |
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
| 7.8 |