Filtered by vendor Openbsd
Subscriptions
Filtered by product Openbsd
Subscriptions
Total
206 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-6247 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
| OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist. | ||||
| CVE-2017-1000372 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
| A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions. | ||||
| CVE-2016-6522 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
| Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping. | ||||
| CVE-2016-6246 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
| OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node. | ||||
| CVE-2017-1000373 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
| The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects OpenBSD 6.1 and possibly earlier versions. | ||||
| CVE-2016-6242 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
| OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call. | ||||
| CVE-2016-6240 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
| Integer truncation error in the amap_alloc function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. | ||||
| CVE-2014-7250 | 4 Bsd, Freebsd, Netbsd and 1 more | 4 Bsd, Freebsd, Netbsd and 1 more | 2025-04-12 | N/A |
| The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets. | ||||
| CVE-2010-4755 | 3 Freebsd, Netbsd, Openbsd | 4 Freebsd, Netbsd, Openbsd and 1 more | 2025-04-11 | N/A |
| The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632. | ||||
| CVE-2011-0419 | 10 Apache, Apple, Debian and 7 more | 12 Http Server, Portable Runtime, Mac Os X and 9 more | 2025-04-11 | N/A |
| Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd. | ||||
| CVE-2011-1013 | 3 Linux, Openbsd, Redhat | 4 Linux Kernel, Openbsd, Enterprise Linux and 1 more | 2025-04-11 | N/A |
| Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via a crafted num_crtcs (aka vb_num) structure member in an ioctl argument. | ||||
| CVE-2011-2168 | 1 Openbsd | 1 Openbsd | 2025-04-11 | N/A |
| Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than CVE-2011-0418. | ||||
| CVE-2011-2895 | 6 Freebsd, Freetype, Netbsd and 3 more | 7 Freebsd, Freetype, Netbsd and 4 more | 2025-04-11 | N/A |
| The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896. | ||||
| CVE-2010-4754 | 4 Apple, Freebsd, Netbsd and 1 more | 4 Mac Os X, Freebsd, Netbsd and 1 more | 2025-04-11 | N/A |
| The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. | ||||
| CVE-2008-0384 | 1 Openbsd | 1 Openbsd | 2025-04-09 | N/A |
| OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label, which triggers a NULL pointer dereference when the return value from the rtlabel_id2name function is not checked. | ||||
| CVE-2008-1215 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-09 | N/A |
| Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~" characters. | ||||
| CVE-2008-2476 | 6 Force10, Freebsd, Juniper and 3 more | 6 Ftos, Freebsd, Jnos and 3 more | 2025-04-09 | N/A |
| The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB). | ||||
| CVE-2007-6700 | 1 Openbsd | 1 Openbsd | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in cgi-bin/bgplg in the web interface for the BGPD daemon in OpenBSD 4.1 allows remote attackers to inject arbitrary web script or HTML via the cmd parameter. | ||||
| CVE-2006-6164 | 1 Openbsd | 1 Openbsd | 2025-04-09 | N/A |
| The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges. | ||||
| CVE-2009-0689 | 6 Freebsd, K-meleon Project, Mozilla and 3 more | 9 Freebsd, K-meleon, Firefox and 6 more | 2025-04-09 | N/A |
| Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number. | ||||