Vulnerabilities (CVE)

Vendor filter

Openbsd Subscribe


273 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-6111 5 Openbsd, Winscp, Canonical and 2 more 5 Openssh, Winscp, Ubuntu Linux and 2 more 2019-05-04 5.8
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name...
CVE-2019-6109 5 Openbsd, Winscp, Netapp and 2 more 7 Openssh, Winscp, Element Software and 4 more 2019-05-04 4.0
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control...
CVE-2016-10708 4 Openbsd, Debian, Netapp and 1 more 11 Openssh, Debian Linux, Cloud Backup and 8 more 2019-05-01 5.0
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
CVE-2008-4609 11 Bsd, Linux, Cisco and 8 more 26 Windows 98, Windows 98se, Bsd Os and 23 more 2019-04-30 7.1
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple...
CVE-2005-0356 9 Cisco, Freebsd, Microsoft and 6 more 78 Aironet Ap350, Conference Connection, Ciscoworks Access Control List Manager and 75 more 2019-04-30 5.0
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which...
CVE-2018-20685 7 Openbsd, Netapp, Winscp and 4 more 11 Openssh, Cloud Backup, Element Software and 8 more 2019-04-25 2.6
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2019-6110 3 Openbsd, Winscp, Netapp 5 Openssh, Winscp, Element Software and 2 more 2019-04-18 4.0
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
CVE-2018-15473 5 Openbsd, Debian, Netapp and 2 more 16 Openssh, Debian Linux, Aff Baseboard Management Controller and 13 more 2019-04-16 5.0
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and...
CVE-2018-15919 2 Openbsd, Netapp 6 Openssh, Cloud Backup, Data Ontap Edge and 3 more 2019-03-07 5.0
Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do...
CVE-2016-0778 5 Sophos, Hp, Apple and 2 more 6 Linux, Openssh, Solaris and 3 more 2019-02-20 4.6
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which...
CVE-2016-0777 5 Sophos, Hp, Apple and 2 more 6 Linux, Openssh, Remote Device Access Virtual Customer Access System and 3 more 2019-02-20 4.0
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by...
CVE-2016-6210 1 Openbsd 1 Openssh 2019-02-07 4.3
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing...
CVE-2009-0689 5 K-meleon Project, Mozilla, Netbsd and 2 more 6 Seamonkey, Freebsd, K-meleon and 3 more 2018-11-02 6.8
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0,...
CVE-2002-2280 1 Openbsd 1 Openbsd 2018-10-30 2.1
syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server.
CVE-2002-0572 3 Openbsd, Sun, Freebsd 4 Freebsd, Openbsd, Solaris and 1 more 2018-10-30 7.2
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then...
CVE-2001-1244 7 Linux, Freebsd, Microsoft and 4 more 10 Hp-ux, Windows Nt, Linux Kernel and 7 more 2018-10-30 5.0
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more...
CVE-2002-1345 3 Ncftp Software, Sun, Openbsd 4 Ncftp, Openbsd, Solaris and 1 more 2018-10-30 5.0
Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences.
CVE-2003-0028 10 Freebsd, Sgi, Ibm and 7 more 13 Hp-ux, Hp-ux Series 700, Aix and 10 more 2018-10-30 7.5
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code...
CVE-1999-0674 3 Openbsd, Sun, Netbsd 4 Netbsd, Openbsd, Solaris and 1 more 2018-10-30 7.2
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
CVE-2001-0554 8 Freebsd, Sgi, Ibm and 5 more 9 Aix, Solaris, Kerberos and 6 more 2018-10-30 10.0
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.