Vulnerabilities (CVE)

Filtered by vendor Openbsd Subscribe
Filtered by product Openbsd
Total 192 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-6397 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-08-07 4.4 MEDIUM N/A
** DISPUTED ** Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability.
CVE-1999-0052 3 Bsdi, Freebsd, Openbsd 3 Bsd Os, Freebsd, Openbsd 2024-08-01 5.0 MEDIUM 7.5 HIGH
IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.
CVE-2023-29323 2 Openbsd, Opensmtpd 2 Openbsd, Opensmtpd 2024-04-19 N/A 7.8 HIGH
ascii_load_sockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address.
CVE-2011-0419 7 Apache, Apple, Freebsd and 4 more 8 Http Server, Portable Runtime, Mac Os X and 5 more 2024-04-02 4.3 MEDIUM N/A
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
CVE-2001-1559 1 Openbsd 1 Openbsd 2024-02-16 2.1 LOW 5.5 MEDIUM
The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.
CVE-2004-0221 1 Openbsd 1 Openbsd 2024-02-15 5.0 MEDIUM N/A
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-2004-0112 24 4d, Apple, Avaya and 21 more 65 Webstar, Mac Os X, Mac Os X Server and 62 more 2024-02-15 5.0 MEDIUM N/A
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVE-2003-0078 3 Freebsd, Openbsd, Openssl 3 Freebsd, Openbsd, Openssl 2024-02-14 5.0 MEDIUM N/A
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack."
CVE-2002-0514 1 Openbsd 1 Openbsd 2024-02-14 5.0 MEDIUM N/A
PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default TTL.
CVE-2004-0482 1 Openbsd 1 Openbsd 2024-02-14 4.6 MEDIUM N/A
Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs.c, (3) procfs_linux.c, (4) procfs_regs.c, (5) procfs_status.c, and (6) procfs_subr.c in procfs for OpenBSD 3.5 and earlier allow local users to read sensitive kernel memory and possibly perform other unauthorized activities.
CVE-2002-1915 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2024-02-08 2.1 LOW 5.5 MEDIUM
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.
CVE-2002-0391 4 Freebsd, Microsoft, Openbsd and 1 more 7 Freebsd, Windows 2000, Windows Nt and 4 more 2024-02-08 10.0 HIGH 9.8 CRITICAL
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
CVE-2003-0466 7 Apple, Freebsd, Netbsd and 4 more 8 Mac Os X, Mac Os X Server, Freebsd and 5 more 2024-02-08 10.0 HIGH 9.8 CRITICAL
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVE-2021-46880 1 Openbsd 2 Libressl, Openbsd 2024-02-04 N/A 9.8 CRITICAL
x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.
CVE-2022-48437 1 Openbsd 2 Libressl, Openbsd 2024-02-04 N/A 5.3 MEDIUM
An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed verification callback that instructs the verifier to continue upon detecting an invalid certificate.
CVE-2023-35784 1 Openbsd 2 Libressl, Openbsd 2024-02-04 N/A 9.8 CRITICAL
A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected.
CVE-2023-27567 1 Openbsd 1 Openbsd 2024-02-04 N/A 7.5 HIGH
In OpenBSD 7.2, a TCP packet with destination port 0 that matches a pf divert-to rule can crash the kernel.
CVE-2022-27881 1 Openbsd 1 Openbsd 2024-02-04 5.0 MEDIUM 7.5 HIGH
engine.c in slaacd in OpenBSD 6.9 and 7.0 before 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation.
CVE-2022-27882 1 Openbsd 1 Openbsd 2024-02-04 5.0 MEDIUM 7.5 HIGH
slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation.
CVE-2010-4816 1 Openbsd 1 Openbsd 2024-02-04 5.0 MEDIUM 7.5 HIGH
It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.