Openbsd OpenSSH vulnerabilities
125 known vulnerabilities affecting openbsd/openssh.
Total CVEs
125
CISA KEV
0
Public exploits
24
Exploited in wild
10
Severity breakdown
CRITICAL12HIGH46MEDIUM54LOW13
Vulnerabilities
Page 7 of 7
CVE-2005-2666P4LOWCVSS 1.2v3.0v3.0.1+28 more2005-08-23
CVE-2005-2666 [LOW] CWE-255 CVE-2005-2666: SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP a
SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likely to have the same password or key.
nvdosv
CVE-2000-0143P4MEDIUMCVSS 4.6≤ 1.2.1v1.22000-02-11
CVE-2000-0143 [MEDIUM] CVE-2000-0143: The SSH protocol server sshd allows local users without shell access to redirect a TCP connection th
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
nvd
CVE-2026-35388P4LOWCVSS 2.5fixed in 10.32026-04-02
CVE-2026-35388 [LOW] CWE-420 CVE-2026-35388: OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.
OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.
nvd
CVE-1999-1010P4LOWCVSS 2.1v1.2.271999-12-14
CVE-1999-1010 [LOW] CVE-1999-1010: An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the serv
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
nvd
CVE-2008-3259P4LOWCVSS 1.2≤ 5.0v1.2+69 more2008-07-22
CVE-2008-3259 [LOW] CWE-200 CVE-2008-3259: OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration settin
OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
nvd
← Previous7 / 7