OpenBSD OpenSSH vulnerabilities
125 known vulnerabilities affecting openbsd/openssh.
Total CVEs: 125
CISA KEV: 0
Public exploits: 24
Exploited in wild: 10
Severity breakdown: CRITICAL 12, HIGH 46, MEDIUM 54, LOW 13
Vulnerabilities
Page 2 of 7
CVE-2016-1908 | P2 | CRITICAL | CVSS 9.8 | CWE-287 | fixed in 7.2 | 2017-04-11
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SEC
Sources: nvd, osv
CVE-2003-0190 | P4 | MEDIUM | CVSS 5.0 | CWE-203 | PoC | fixed in 3.6.1 | v3.6.1 | 2003-05-12
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.
Sources: nvd, osv
CVE-2016-10010 | P3 | HIGH | CVSS 7.0 | CWE-264 | PoC | ≤ 7.3 | 2017-01-05
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
Sources: nvd, osv
CVE-2016-0777 | P3 | MEDIUM | CVSS 6.5 | CWE-200 | v5.0, v5.1, +20 more | 2016-01-14
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
Sources: nvd, osv
CVE-2016-0778 | P3 | HIGH | CVSS 8.1 | CWE-119 | v5.4, v5.5, +16 more | 2016-01-14
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified othe
Sources: nvd, osv
CVE-2002-0575 | P3 | HIGH | CVSS 7.5 | PoC | v2.1, v2.1.1, +14 more | 2002-06-18
Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges.
Sources: nvd
CVE-2008-3234 | P3 | MEDIUM | CVSS 6.5 | CWE-264 | PoC | v4.0 | 2008-07-18
sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.
Sources: nvd
CVE-2006-5229 | P4 | LOW | CVSS 2.6 | CWE-200 | PoC | v4.1 | 2006-10-10
OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote attackers to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as demonstrated by sshtime. NOTE: as of 20061014, it appears that this issue is depend
Sources: nvd
CVE-2023-51385 | P3 | MEDIUM | CVSS 6.5 | CWE-78 | fixed in 9.6 | 2023-12-18
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
Sources: nvd, osv
CVE-2006-5051 | P3 | HIGH | CVSS 8.1 | CWE-415 | ≤ 4.4 | 2006-09-27
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
Sources: nvd, osv
CVE-2015-6565 | P4 | HIGH | CVSS 7.2 | CWE-264 | PoC | v6.8, v6.9 | 2015-08-24
sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service (terminal disruption) or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence.
Sources: nvd
CVE-2008-5161 | P4 | LOW | CVSS 3.7 | CWE-200 | PoC | v4.7p1 | 2008-11-19
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10
Sources: nvd, osv
CVE-2015-5600 | P3 | HIGH | CVSS 8.1 | CWE-264 | ≤ 6.9 | 2015-08-03
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInte
Sources: nvd, osv
CVE-2025-26466 | P3 | MEDIUM | CVSS 5.9 | CWE-770 | v9.5-p1, v9.6, +7 more | 2025-02-28
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the
Sources: nvd, osv
CVE-2016-8858 | P3 | HIGH | CVSS 7.5 | CWE-399 | v6.8, v6.9, +4 more | 2016-12-09
The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."
Sources: nvd, osv
CVE-2023-28531 | P3 | CRITICAL | CVSS 9.8 | CWE-284 | ≥ 8.9, < 9.3 | 2023-03-17
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
Sources: nvd, osv
CVE-2020-15778 | P3 | HIGH | CVSS 7.4 | CWE-78 | fixed in 8.3 | v8.3 | 2020-07-24
scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
Sources: nvd
CVE-2002-0639 | P3 | CRITICAL | CVSS 9.8 | CWE-190 | ≥ 2.9.9, ≤ 3.3 | 2002-07-03
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
Sources: nvd, osv
CVE-2010-4478 | P3 | CRITICAL | CVSS 9.8 | ≤ 5.6 | v1.2, +76 more | 2010-12-06
OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
Sources: nvd
CVE-2026-3497 | P3 | LOW | CVSS 3.6 | ≥ 0, < 1:8.9p1-3ubuntu0.14 | ≥ 0, < 1:9.6p1-3ubuntu13.15 | +1 more | 2026-03-12
openssh vulnerabilities
Jeremy Brown discovered that the OpenSSH GSSAPI Key Exchange incorrectly
handled disconnecting clients. In non-default configurations where the
GSSAPIKeyExchange setting is enabled, a remote attacker could use this
issue to cause OpenSSH to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2026-3497)
David Leadbeater discovered that OpenSSH incorrectly handled certain
control characters in usern
Sources: osv