Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Openbsd Subscribe
Filtered by product Openbsd
Total 187 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-27567 1 Openbsd 1 Openbsd 2023-03-10 N/A 7.5 HIGH
In OpenBSD 7.2, a TCP packet with destination port 0 that matches a pf divert-to rule can crash the kernel.
CVE-2019-14899 4 Apple, Freebsd, Linux and 1 more 8 Ipados, Iphone Os, Mac Os X and 5 more 2023-03-01 4.9 MEDIUM 7.4 HIGH
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel.
CVE-2011-1013 2 Linux, Openbsd 2 Linux Kernel, Openbsd 2023-02-12 7.2 HIGH N/A
Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via a crafted num_crtcs (aka vb_num) structure member in an ioctl argument.
CVE-2019-19726 1 Openbsd 1 Openbsd 2023-01-30 7.2 HIGH 7.8 HIGH
OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit. When executing chpass or passwd (which are setuid root), _dl_setup_env in ld.so tries to strip LD_LIBRARY_PATH from the environment, but fails when it cannot allocate memory. Thus, the attacker is able to execute their own library code as root.
CVE-2004-0687 4 Openbsd, Suse, X.org and 1 more 4 Openbsd, Suse Linux, X11r6 and 1 more 2023-01-20 7.5 HIGH N/A
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.
CVE-2008-4609 12 Bsd, Bsdi, Cisco and 9 more 22 Bsd, Bsd Os, Catalyst Blade Switch 3020 and 19 more 2022-12-14 7.1 HIGH N/A
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
CVE-2011-0419 9 Apache, Apple, Debian and 6 more 10 Http Server, Portable Runtime, Mac Os X and 7 more 2022-09-19 4.3 MEDIUM N/A
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
CVE-1999-0304 4 Bsdi, Freebsd, Netbsd and 1 more 4 Bsd Os, Freebsd, Netbsd and 1 more 2022-08-17 7.2 HIGH N/A
mmap function in BSD allows local attackers in the kmem group to modify memory through devices.
CVE-1999-0396 2 Netbsd, Openbsd 2 Netbsd, Openbsd 2022-08-17 2.6 LOW N/A
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.
CVE-1999-0303 4 Digital, Netbsd, Openbsd and 1 more 5 Osf 1, Netbsd, Openbsd and 2 more 2022-08-17 4.6 MEDIUM N/A
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
CVE-1999-0061 4 Bsdi, Freebsd, Linux and 1 more 4 Bsd Os, Freebsd, Linux Kernel and 1 more 2022-08-17 5.1 MEDIUM N/A
File creation and deletion, and remote execution, in the BSD line printer daemon (lpd).
CVE-2022-27881 1 Openbsd 1 Openbsd 2022-05-12 5.0 MEDIUM 7.5 HIGH
engine.c in slaacd in OpenBSD 6.9 and 7.0 before 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation.
CVE-2022-27882 1 Openbsd 1 Openbsd 2022-05-12 5.0 MEDIUM 7.5 HIGH
slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation.
CVE-2001-0554 9 Debian, Freebsd, Ibm and 6 more 11 Debian Linux, Freebsd, Aix and 8 more 2022-01-21 10.0 HIGH N/A
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
CVE-2020-16088 1 Openbsd 1 Openbsd 2022-01-04 7.5 HIGH 9.8 CRITICAL
iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches.
CVE-2020-26142 1 Openbsd 1 Openbsd 2021-12-03 2.6 LOW 5.3 MEDIUM
An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2004-0112 23 4d, Apple, Avaya and 20 more 65 Webstar, Mac Os X, Mac Os X Server and 62 more 2021-11-08 5.0 MEDIUM N/A
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVE-2004-0081 23 4d, Apple, Avaya and 20 more 66 Webstar, Mac Os X, Mac Os X Server and 63 more 2021-11-08 5.0 MEDIUM N/A
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
CVE-2004-0079 23 4d, Apple, Avaya and 20 more 66 Webstar, Mac Os X, Mac Os X Server and 63 more 2021-11-08 5.0 MEDIUM N/A
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVE-2010-4816 1 Openbsd 1 Openbsd 2021-09-20 5.0 MEDIUM 7.5 HIGH
It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.