Openbsd

openbsd

Vendor: Openbsd • 198 CVEs

CVEs (198)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-4816 1Openbsd 1Openbsd Nov 21, 2024 Jun 22, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.
CVE-2020-26142 1Openbsd 1Openbsd Nov 21, 2024 May 11, 2021 N/A· v4 5.3 MEDIUM· v3 2.6 LOW· v2 An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of t...Show more An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.Show less
CVE-2020-16088 1Openbsd 1Openbsd Nov 21, 2024 Jul 28, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches.
CVE-2011-3336 4Apple FreebsdOpenbsd+1 more 4Freebsd Mac Os XOpenbsd+1 more Nov 21, 2024 Feb 12, 2020 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
CVE-2019-19726 1Openbsd 1Openbsd Nov 21, 2024 Dec 12, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit. When executing chpass or passwd (which...Show more OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit. When executing chpass or passwd (which are setuid root), _dl_setup_env in ld.so tries to strip LD_LIBRARY_PATH from the environment, but fails when it cannot allocate memory. Thus, the attacker is able to execute their own library code as root.Show less
CVE-2019-14899 4Apple FreebsdLinux+1 more 8Freebsd IpadosIphone Os+5 more Nov 21, 2024 Dec 11, 2019 N/A· v4 7.4 HIGH· v3 4.9 MEDIUM· v2 A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences abou...Show more A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel.Show less
CVE-2012-1577 3Debian Dietlibc ProjectOpenbsd 3Debian Linux DietlibcOpenbsd Nov 21, 2024 Dec 10, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0.
CVE-2019-19522 1Openbsd 1Openbsd Nov 21, 2024 Dec 5, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's file can be written t...Show more OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's file can be written to /etc/skey or /var/db/yubikey, and need not be owned by root.Show less
CVE-2019-19521 1Openbsd 1Openbsd Nov 21, 2024 Dec 5, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd. This is related to gen/auth_subr.c and gen/authenticate.c in libc (and login/login.c and xenocar...Show more libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd. This is related to gen/auth_subr.c and gen/authenticate.c in libc (and login/login.c and xenocara/app/xenodm/greeter/verify.c).Show less
CVE-2019-19520 1Openbsd 1Openbsd Nov 21, 2024 Dec 5, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 xlock in OpenBSD 6.6 allows local users to gain the privileges of the auth group by providing a LIBGL_DRIVERS_PATH environment variable, because xenocara/lib/mesa/src/loader/loader.c mishandles dlopen.
CVE-2019-19519 1Openbsd 1Openbsd Nov 21, 2024 Dec 5, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In OpenBSD 6.6, local users can use the su -L option to achieve any login class (often excluding root) because there is a logic error in the main function in su/su.c.
CVE-2019-8460 1Openbsd 1Openbsd Nov 21, 2024 Aug 26, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 OpenBSD kernel version <= 6.5 can be forced to create long chains of TCP SACK holes that causes very expensive calls to tcp_sack_option() for every incoming SACK packet which can lead to a denial of service.
CVE-2018-14775 1Openbsd 1Openbsd Nov 21, 2024 Aug 1, 2018 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service (system crash) due to incorrect I/O port access control on the i386 architecture.
CVE-2017-1000373 1Openbsd 1Openbsd May 13, 2026 Jun 19, 2017 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consu...Show more The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects OpenBSD 6.1 and possibly earlier versions.Show less
CVE-2017-1000372 1Openbsd 1Openbsd May 13, 2026 Jun 19, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly...Show more A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions.Show less
CVE-2017-5850 1Openbsd 1Openbsd May 13, 2026 Mar 27, 2017 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header.
CVE-2016-6522 1Openbsd 1Openbsd May 13, 2026 Mar 7, 2017 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an e...Show more Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping.Show less
CVE-2016-6350 1Openbsd 1Openbsd May 13, 2026 Mar 7, 2017 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9.
CVE-2016-6247 1Openbsd 1Openbsd May 13, 2026 Mar 7, 2017 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist.
CVE-2016-6246 1Openbsd 1Openbsd May 13, 2026 Mar 7, 2017 N/A· v4 4.4 MEDIUM· v3 4.9 MEDIUM· v2 OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the ro...Show more OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node.Show less

Previous 123 4 5...10 Next