Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd openbsd vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2016-1907
The ssh_packet_read_poll2 function in packet.c in OpenSSH prior to 7.1p2 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.
Openbsd Openssh 6.9
Openbsd Openssh 6.8
Openbsd Openssh 7.0
Openbsd Openssh 7.1
NA
CVE-2008-1215
Stack-based buffer overflow in the command_Expand_Interpret function in command.c in ppp (aka user-ppp), as distributed in FreeBSD 6.3 and 7.0, OpenBSD 4.1 and 4.2, and the net/userppp package for NetBSD, allows local users to gain privileges via long commands containing "~&...
Openbsd Openbsd 4.1
Freebsd Freebsd 6.3
Netbsd Netbsd
Freebsd Freebsd 7.0
Openbsd Openbsd 4.2
1 EDB exploit
NA
CVE-2002-2092
Race condition in exec in OpenBSD 4.0 and previous versions, NetBSD 1.5.2 and previous versions, and FreeBSD 4.4 and previous versions allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
Freebsd Freebsd 4.3
Freebsd Freebsd 4.1.1
Freebsd Freebsd 3.1
Openbsd Openbsd 2.8
Freebsd Freebsd 2.2.5
Netbsd Netbsd 1.3
Netbsd Netbsd 1.5
Freebsd Freebsd 4.4
Freebsd Freebsd 2.2.2
Netbsd Netbsd 1.3.1
Openbsd Openbsd 2.9
Freebsd Freebsd 2.2.3
Openbsd Openbsd 2.1
Netbsd Netbsd 1.4.2
Freebsd Freebsd 4.2
Freebsd Freebsd 3.5.1
Openbsd Openbsd 2.2
Netbsd Netbsd 1.3.3
Openbsd Openbsd 2.0
Openbsd Openbsd 2.7
Freebsd Freebsd 4.1
Freebsd Freebsd 2.2.8
NA
CVE-2001-0284
Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and previous versions allows remote malicious users to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.
Openbsd Openbsd
6.5
CVSSv3
CVE-2017-1000373
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows malicious users to consume arbitrary amounts of stack memory and manipulate st...
Openbsd Openbsd
1 EDB exploit
9.8
CVSSv3
CVE-2017-1000372
A flaw exists in OpenBSD's implementation of the stack guard page that allows malicious users to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions.
Openbsd Openbsd
NA
CVE-2000-0995
Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows malicious users to gain root privileges a malformed name.
Openbsd Openbsd
NA
CVE-2000-0996
Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local malicious users to gain root privileges via a malformed shell.
Openbsd Openbsd
7.8
CVSSv3
CVE-2019-19726
OpenBSD up to and including 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit. When executing chpass or passwd (which are setuid root), _dl_setup_env in ld.so tries ...
Openbsd Openbsd
1 Article
9.8
CVSSv3
CVE-2020-16088
iked in OpenIKED, as used in OpenBSD up to and including 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches.
Openbsd Openbsd
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »