Vulnerabilities > Openbsd

DATE CVE VULNERABILITY TITLE RISK
2023-12-24 CVE-2023-51767 OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit.
local
high complexity
openbsd fedoraproject redhat
7.0
2023-12-18 CVE-2023-51384 Unspecified vulnerability in Openbsd Openssh
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied.
local
low complexity
openbsd
5.5
2023-12-18 CVE-2023-51385 OS Command Injection vulnerability in multiple products
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations.
network
low complexity
openbsd debian CWE-78
6.5
2023-12-18 CVE-2023-48795 Improper Validation of Integrity Check Value vulnerability in multiple products
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack.
5.9
2023-08-10 CVE-2023-40216 Missing Authorization vulnerability in Openbsd 7.3
OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation.
local
low complexity
openbsd CWE-862
5.5
2023-07-20 CVE-2023-38408 Unquoted Search Path or Element vulnerability in multiple products
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system.
network
low complexity
openbsd fedoraproject CWE-428
critical
9.8
2023-06-16 CVE-2023-35784 Use After Free vulnerability in Openbsd Libressl and Openbsd
A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3.
network
low complexity
openbsd CWE-416
critical
9.8
2023-04-15 CVE-2021-46880 Improper Certificate Validation vulnerability in Openbsd
x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.
network
low complexity
openbsd CWE-295
critical
9.8
2023-04-12 CVE-2022-48437 Improper Certificate Validation vulnerability in Openbsd
An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001.
network
low complexity
openbsd CWE-295
5.3
2023-04-04 CVE-2023-29323 ascii_load_sockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address.
local
low complexity
openbsd opensmtpd
7.8