Vulnerabilities > Openbsd > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-05 CVE-2021-28041 Double Free vulnerability in multiple products
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
network
high complexity
openbsd fedoraproject netapp oracle CWE-415
7.1
2020-07-24 CVE-2020-15778 OS Command Injection vulnerability in multiple products
scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument.
local
low complexity
openbsd netapp broadcom CWE-78
7.8
2020-06-01 CVE-2020-12062 Improper Input Validation vulnerability in Openbsd Openssh 8.2
The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the remote server.
network
low complexity
openbsd CWE-20
7.5
2020-02-12 CVE-2011-3336 Resource Exhaustion vulnerability in multiple products
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
network
low complexity
freebsd apple openbsd php CWE-400
7.5
2020-01-23 CVE-2015-5333 Resource Exhaustion vulnerability in multiple products
Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.
network
low complexity
openbsd opensuse CWE-400
7.5
2019-12-30 CVE-2012-5663 Incomplete Cleanup vulnerability in Openbsd Textproc/Isearch
The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp).
network
low complexity
openbsd CWE-459
7.5
2019-12-12 CVE-2019-19726 Improper Privilege Management vulnerability in Openbsd
OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit.
local
low complexity
openbsd CWE-269
7.8
2019-12-11 CVE-2019-14899 A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream.
low complexity
freebsd linux openbsd apple
7.4
2019-12-05 CVE-2019-19522 Incorrect Permission Assignment for Critical Resource vulnerability in Openbsd 6.6
OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group.
local
low complexity
openbsd CWE-732
7.8
2019-12-05 CVE-2019-19520 Incorrect Authorization vulnerability in Openbsd 6.6
xlock in OpenBSD 6.6 allows local users to gain the privileges of the auth group by providing a LIBGL_DRIVERS_PATH environment variable, because xenocara/lib/mesa/src/loader/loader.c mishandles dlopen.
local
low complexity
openbsd CWE-863
7.8