Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd openbsd vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-35784
A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL prior to 3.6.3 and 3.7.x prior to 3.7.3. NOTE: OpenSSL is not affected.
Openbsd Openbsd 7.2
Openbsd Libressl
Openbsd Openbsd 7.3
NA
CVE-2007-4752
ssh in OpenSSH prior to 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows malicious users to violate intended policy and gain privileges by causing an X client to be treated as trusted.
Openbsd Openssh 4.3p2
Openbsd Openssh
Openbsd Openssh 4.1
Openbsd Openssh 4.0p1
Openbsd Openssh 4.4
Openbsd Openssh 4.1p1
Openbsd Openssh 4.2p1
Openbsd Openssh 4.5
Openbsd Openssh 4.2
Openbsd Openssh 4.4p1
Openbsd Openssh 4.3p1
Openbsd Openssh 4.3
Openbsd Openssh 4.0
NA
CVE-2009-0687
The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 up to and including 4.5, NetBSD 5.0 before RC3, MirOS 10 and previous versions, and MidnightBSD 0.3-current allows remote malicious users to cause a denial of service (panic) via crafted IP packets th...
Openbsd Openbsd 4.4
Mirbsd Miros
Netbsd Netbsd 5.0
Midnightbsd Midnightbsd 0.3-current
Openbsd Openbsd 4.5
Openbsd Openbsd 4.2
Openbsd Openbsd 4.3
3 EDB exploits
NA
CVE-2003-0955
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, whic...
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
2 EDB exploits
7.8
CVSSv3
CVE-2016-6240
Integer truncation error in the amap_alloc function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value.
Openbsd Openbsd 5.9
Openbsd Openbsd 5.8
5.5
CVSSv3
CVE-2016-6242
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call.
Openbsd Openbsd 5.9
Openbsd Openbsd 5.8
NA
CVE-2008-1058
The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows malicious users to cause a denial of service (panic) via crafted TCP packets. NOTE: some of these details are obtained from third party information.
Openbsd Openbsd 4.1
Openbsd Openbsd 4.2
7.5
CVSSv3
CVE-2022-27882
slaacd in OpenBSD 6.9 and 7.0 prior to 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation.
Openbsd Openbsd 6.9
Openbsd Openbsd 7.0
NA
CVE-2006-0098
The dupfdopen function in sys/kern/kern_descrip.c in OpenBSD 3.7 and 3.8 allows local users to re-open arbitrary files by using setuid programs to access file descriptors using /dev/fd/.
Openbsd Openbsd 3.7
Openbsd Openbsd 3.8
NA
CVE-2001-1415
vi.recover in OpenBSD prior to 3.1 allows local users to remove arbitrary zero-byte files such as device nodes.
Openbsd Openbsd 2.9
Openbsd Openbsd 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »