Vulmon
openbsd openbsd - vulnerabilities and exploits
NA
CVE-2002-0542
mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
Openbsd Openbsd 3.0
Openbsd Openbsd 2.9
1 EDB exploit
NA
CVE-2003-0955
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, whic...
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
2 EDB exploits
NA
CVE-2006-0098
The dupfdopen function in sys/kern/kern_descrip.c in OpenBSD 3.7 and 3.8 allows local users to re-open arbitrary files by using setuid programs to access file descriptors using /dev/fd/.
Openbsd Openbsd 3.8
Openbsd Openbsd 3.7
NA
CVE-2008-1058
The tcp_respond function in netinet/tcp_subr.c in OpenBSD 4.1 and 4.2 allows malicious users to cause a denial of service (panic) via crafted TCP packets. NOTE: some of these details are obtained from third party information.
Openbsd Openbsd 4.1
Openbsd Openbsd 4.2
NA
CVE-2006-6164
The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges.
Openbsd Openbsd 4.0
Openbsd Openbsd 3.9
NA
CVE-2004-0482
Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs.c, (3) procfs_linux.c, (4) procfs_regs.c, (5) procfs_status.c, and (6) procfs_subr.c in procfs for OpenBSD 3.5 and previous versions allow local users to read sensitive kernel memory and possibly perform other ...
Openbsd Openbsd 3.5
Openbsd Openbsd 3.4
7.5
CVSSv3
CVE-2022-27882
slaacd in OpenBSD 6.9 and 7.0 prior to 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation.
Openbsd Openbsd 6.9
Openbsd Openbsd 7.0
7.5
CVSSv3
CVE-2022-27881
engine.c in slaacd in OpenBSD 6.9 and 7.0 prior to 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation.
Openbsd Openbsd 7.0
Openbsd Openbsd 6.9
NA
CVE-2005-0637
The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow malicious users to exceed certain address boundaries and modify kernel memory.
Openbsd Openbsd 3.5
Openbsd Openbsd 3.6
NA
CVE-2001-1415
vi.recover in OpenBSD prior to 3.1 allows local users to remove arbitrary zero-byte files such as device nodes.
Openbsd Openbsd 2.9
Openbsd Openbsd 3.0