Filtered by vendor Openbsd
Subscriptions
Filtered by product Openbsd
Subscriptions
Total
195 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-34999 | 1 Openbsd | 1 Openbsd | 2024-09-18 | N/A |
OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of multicast routing. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. . Was ZDI-CAN-14540. | ||||
CVE-2009-3572 | 1 Openbsd | 1 Openbsd | 2024-09-17 | N/A |
OpenBSD 4.4, 4.5, and 4.6, when running on an i386 kernel, does not properly handle XMM exceptions, which allows local users to cause a denial of service (kernel panic) via unspecified vectors. | ||||
CVE-2002-2188 | 1 Openbsd | 1 Openbsd | 2024-09-17 | N/A |
OpenBSD before 3.2 allows local users to cause a denial of service (kernel crash) via a call to getrlimit(2) with invalid arguments, possibly due to an integer signedness error. | ||||
CVE-2002-1915 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-09-17 | 5.5 Medium |
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. | ||||
CVE-2004-2338 | 1 Openbsd | 1 Openbsd | 2024-09-16 | N/A |
OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules without netmasks on big-endian 64-bit platforms such as SPARC64, which may allow remote attackers to bypass access restrictions. | ||||
CVE-2006-5550 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2024-09-16 | N/A |
The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto. | ||||
CVE-2002-2180 | 1 Openbsd | 1 Openbsd | 2024-09-16 | N/A |
The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error. | ||||
CVE-2001-1559 | 1 Openbsd | 1 Openbsd | 2024-09-16 | 5.5 Medium |
The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference. | ||||
CVE-2024-43688 | 2 Openbsd, Vixie | 2 Openbsd, Cron | 2024-08-26 | 7.3 High |
cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring. | ||||
CVE-2000-1208 | 4 Immunix, Netbsd, Openbsd and 1 more | 4 Immunix, Netbsd, Openbsd and 1 more | 2024-08-08 | N/A |
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | ||||
CVE-2000-1004 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters. | ||||
CVE-2000-1010 | 2 Openbsd, Redhat | 2 Openbsd, Linux | 2024-08-08 | N/A |
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters. | ||||
CVE-2000-0994 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable. | ||||
CVE-2000-0995 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name. | ||||
CVE-2000-0993 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-08-08 | N/A |
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd. | ||||
CVE-2000-0996 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell. | ||||
CVE-2000-0997 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2024-08-08 | N/A |
Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges. | ||||
CVE-2000-0962 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service. | ||||
CVE-2000-0914 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests. | ||||
CVE-2000-0750 | 3 Netbsd, Openbsd, Redhat | 3 Netbsd, Openbsd, Linux | 2024-08-08 | N/A |
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name. |