Filtered by vendor Openbsd
Subscriptions
Filtered by product Openbsd
Subscriptions
Total
199 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1058 | 1 Openbsd | 1 Openbsd | 2025-04-09 | N/A |
| The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows attackers to cause a denial of service (panic) via crafted TCP packets. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-1365 | 1 Openbsd | 1 Openbsd | 2025-04-09 | N/A |
| Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service. | ||||
| CVE-2007-0343 | 1 Openbsd | 1 Openbsd | 2025-04-09 | N/A |
| OpenBSD before 20070116 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via certain IPv6 ICMP (aka ICMP6) echo request packets. | ||||
| CVE-2007-2242 | 5 Freebsd, Ietf, Netbsd and 2 more | 5 Freebsd, Ipv6, Netbsd and 2 more | 2025-04-09 | N/A |
| The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers. | ||||
| CVE-2006-5550 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2025-04-09 | N/A |
| The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto. | ||||
| CVE-2006-5218 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2025-04-09 | N/A |
| Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl. | ||||
| CVE-2007-0085 | 1 Openbsd | 1 Openbsd | 2025-04-09 | N/A |
| Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related to agp_ioctl NULL pointer reference. | ||||
| CVE-2007-6700 | 1 Openbsd | 1 Openbsd | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in cgi-bin/bgplg in the web interface for the BGPD daemon in OpenBSD 4.1 allows remote attackers to inject arbitrary web script or HTML via the cmd parameter. | ||||
| CVE-2006-6164 | 1 Openbsd | 1 Openbsd | 2025-04-09 | N/A |
| The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges. | ||||
| CVE-2006-6397 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-09 | N/A |
| Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability | ||||
| CVE-2007-5365 | 5 Debian, Openbsd, Redhat and 2 more | 7 Debian Linux, Openbsd, Enterprise Linux and 4 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU. | ||||
| CVE-2000-1010 | 2 Openbsd, Redhat | 2 Openbsd, Linux | 2025-04-03 | N/A |
| Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters. | ||||
| CVE-2004-0081 | 23 4d, Apple, Avaya and 20 more | 67 Webstar, Mac Os X, Mac Os X Server and 64 more | 2025-04-03 | N/A |
| OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | ||||
| CVE-1999-1225 | 5 Digital, Linux, Netbsd and 2 more | 5 Ultrix, Linux Kernel, Netbsd and 2 more | 2025-04-03 | N/A |
| rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not. | ||||
| CVE-2004-0492 | 6 Apache, Hp, Ibm and 3 more | 8 Http Server, Virtualvault, Vvos and 5 more | 2025-04-03 | N/A |
| Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied. | ||||
| CVE-2002-1420 | 1 Openbsd | 1 Openbsd | 2025-04-03 | N/A |
| Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned integer during a data copying operation. | ||||
| CVE-2000-1004 | 1 Openbsd | 1 Openbsd | 2025-04-03 | N/A |
| Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters. | ||||
| CVE-2002-1345 | 3 Ncftp Software, Openbsd, Sun | 4 Ncftp, Openbsd, Solaris and 1 more | 2025-04-03 | N/A |
| Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences. | ||||
| CVE-2004-0687 | 5 Openbsd, Redhat, Suse and 2 more | 6 Openbsd, Enterprise Linux, Network Satellite and 3 more | 2025-04-03 | N/A |
| Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file. | ||||
| CVE-2002-1220 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2025-04-03 | N/A |
| BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. | ||||