Total
187 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-8460 | 1 Openbsd | 1 Openbsd | 2021-08-02 | 5.0 MEDIUM | 7.5 HIGH |
| OpenBSD kernel version <= 6.5 can be forced to create long chains of TCP SACK holes that causes very expensive calls to tcp_sack_option() for every incoming SACK packet which can lead to a denial of service. | |||||
| CVE-2019-19519 | 1 Openbsd | 1 Openbsd | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| In OpenBSD 6.6, local users can use the su -L option to achieve any login class (often excluding root) because there is a logic error in the main function in su/su.c. | |||||
| CVE-2004-0492 | 5 Apache, Hp, Ibm and 2 more | 7 Http Server, Virtualvault, Vvos and 4 more | 2021-06-06 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied. | |||||
| CVE-2019-19520 | 1 Openbsd | 1 Openbsd | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| xlock in OpenBSD 6.6 allows local users to gain the privileges of the auth group by providing a LIBGL_DRIVERS_PATH environment variable, because xenocara/lib/mesa/src/loader/loader.c mishandles dlopen. | |||||
| CVE-2019-19522 | 1 Openbsd | 1 Openbsd | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's file can be written to /etc/skey or /var/db/yubikey, and need not be owned by root. | |||||
| CVE-2019-6724 | 4 Apple, Barracuda, Linux and 1 more | 4 Mac Os X, Vpn Client, Linux Kernel and 1 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| The barracudavpn component of the Barracuda VPN Client prior to version 5.0.2.7 for Linux, macOS, and OpenBSD runs as a privileged process and can allow an unprivileged local attacker to load a malicious library, resulting in arbitrary code executing as root. | |||||
| CVE-2011-3336 | 4 Apple, Freebsd, Openbsd and 1 more | 4 Mac Os X, Freebsd, Openbsd and 1 more | 2020-02-18 | 7.8 HIGH | 7.5 HIGH |
| regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion. | |||||
| CVE-2001-0247 | 5 Freebsd, Mit, Netbsd and 2 more | 5 Freebsd, Kerberos 5, Netbsd and 2 more | 2020-01-21 | 10.0 HIGH | N/A |
| Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. | |||||
| CVE-2003-0028 | 10 Cray, Freebsd, Gnu and 7 more | 13 Unicos, Freebsd, Glibc and 10 more | 2020-01-21 | 7.5 HIGH | N/A |
| Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. | |||||
| CVE-2012-1577 | 3 Debian, Dietlibc Project, Openbsd | 3 Debian Linux, Dietlibc, Openbsd | 2019-12-17 | 7.5 HIGH | 9.8 CRITICAL |
| lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0. | |||||
| CVE-2019-19521 | 1 Openbsd | 1 Openbsd | 2019-12-12 | 7.5 HIGH | 9.8 CRITICAL |
| libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd. This is related to gen/auth_subr.c and gen/authenticate.c in libc (and login/login.c and xenocara/app/xenodm/greeter/verify.c). | |||||
| CVE-2017-5850 | 1 Openbsd | 1 Openbsd | 2019-10-02 | 7.8 HIGH | 7.5 HIGH |
| httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. | |||||
| CVE-2017-1000372 | 1 Openbsd | 1 Openbsd | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions. | |||||
| CVE-2005-0356 | 9 Alaxala, Cisco, F5 and 6 more | 76 Alaxala Networks, Agent Desktop, Aironet Ap1200 and 73 more | 2019-04-30 | 5.0 MEDIUM | N/A |
| Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. | |||||
| CVE-2009-0689 | 5 Freebsd, K-meleon Project, Mozilla and 2 more | 6 Freebsd, K-meleon, Firefox and 3 more | 2018-11-02 | 6.8 MEDIUM | N/A |
| Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. | |||||
| CVE-1999-0674 | 3 Netbsd, Openbsd, Sun | 4 Netbsd, Openbsd, Solaris and 1 more | 2018-10-30 | 7.2 HIGH | N/A |
| The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. | |||||
| CVE-2002-1345 | 3 Ncftp Software, Openbsd, Sun | 4 Ncftp, Openbsd, Solaris and 1 more | 2018-10-30 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences. | |||||
| CVE-2001-1244 | 7 Freebsd, Hp, Linux and 4 more | 9 Freebsd, Hp-ux, Vvos and 6 more | 2018-10-30 | 5.0 MEDIUM | N/A |
| Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. | |||||
| CVE-2002-0572 | 3 Freebsd, Openbsd, Sun | 4 Freebsd, Openbsd, Solaris and 1 more | 2018-10-30 | 7.2 HIGH | N/A |
| FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files. | |||||
| CVE-2002-0391 | 3 Freebsd, Openbsd, Sun | 4 Freebsd, Openbsd, Solaris and 1 more | 2018-10-30 | 10.0 HIGH | N/A |
| Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. | |||||