Total
194 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0309 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 2.1 LOW | N/A |
| The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service. | |||||
| CVE-2002-1915 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 2.1 LOW | 5.5 MEDIUM |
| tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. | |||||
| CVE-1999-0052 | 3 Bsdi, Freebsd, Openbsd | 3 Bsd Os, Freebsd, Openbsd | 2025-04-03 | 5.0 MEDIUM | 7.5 HIGH |
| IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. | |||||
| CVE-2003-0144 | 4 Bsd, Freebsd, Lprold and 1 more | 4 Lpr, Freebsd, Lprold and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name. | |||||
| CVE-2000-1010 | 2 Openbsd, Redhat | 2 Openbsd, Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters. | |||||
| CVE-2000-0993 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 7.2 HIGH | N/A |
| Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd. | |||||
| CVE-2001-0268 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2025-04-03 | 7.2 HIGH | N/A |
| The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. | |||||
| CVE-2003-0804 | 3 Apple, Freebsd, Openbsd | 4 Mac Os X, Mac Os X Server, Freebsd and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests. | |||||
| CVE-2002-2092 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 3.7 LOW | N/A |
| Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid. | |||||
| CVE-2004-0417 | 5 Cvs, Gentoo, Openbsd and 2 more | 5 Cvs, Linux, Openbsd and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space. | |||||
| CVE-2002-1345 | 3 Ncftp Software, Openbsd, Sun | 4 Ncftp, Openbsd, Solaris and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences. | |||||
| CVE-2002-1221 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. | |||||
| CVE-2000-0962 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service. | |||||
| CVE-1999-0062 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 7.2 HIGH | N/A |
| The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage. | |||||
| CVE-2004-0222 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
| CVE-2001-0247 | 5 Freebsd, Mit, Netbsd and 2 more | 5 Freebsd, Kerberos 5, Netbsd and 2 more | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | |||||
| CVE-1999-0483 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 2.1 LOW | N/A |
| OpenBSD crash using nlink value in FFS and EXT2FS filesystems. | |||||
| CVE-2002-2180 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 6.8 MEDIUM | N/A |
| The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error. | |||||
| CVE-2002-0557 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 7.5 HIGH | N/A |
| Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to auth_approval(). | |||||
| CVE-1999-0724 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function. | |||||