Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-27881
engine.c in slaacd in OpenBSD 6.9 and 7.0 prior to 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation.
Openbsd Openbsd 7.0
Openbsd Openbsd 6.9
7.5
CVSSv3
CVE-2022-27882
slaacd in OpenBSD 6.9 and 7.0 prior to 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation.
Openbsd Openbsd 6.9
Openbsd Openbsd 7.0
NA
CVE-2003-0955
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, whic...
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
2 EDB exploits
NA
CVE-2009-0780
The aspath_prepend function in rde_attr.c in bgpd in OpenBSD 4.3 and 4.4 allows remote malicious users to cause a denial of service (application crash) via an Autonomous System (AS) advertisement containing a long AS path.
Openbsd Openbsd 4.4
Openbsd Openbsd 4.3
NA
CVE-2002-0542
mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
Openbsd Openbsd 3.0
Openbsd Openbsd 2.9
1 EDB exploit
NA
CVE-2004-2338
OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules without netmasks on big-endian 64-bit platforms such as SPARC64, which may allow remote malicious users to bypass access restrictions.
Openbsd Openbsd 3.3
Openbsd Openbsd 3.4
NA
CVE-2006-4435
OpenBSD 3.8, 3.9, and possibly earlier versions allows context-dependent malicious users to cause a denial of service (kernel panic) by allocating more semaphores than the default.
Openbsd Openbsd 3.9
Openbsd Openbsd 3.8
NA
CVE-2006-4436
isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote malicious users to replay IPSec packets and bypass the replay protection.
Openbsd Openbsd 3.8
Openbsd Openbsd 3.9
NA
CVE-2006-0098
The dupfdopen function in sys/kern/kern_descrip.c in OpenBSD 3.7 and 3.8 allows local users to re-open arbitrary files by using setuid programs to access file descriptors using /dev/fd/.
Openbsd Openbsd 3.8
Openbsd Openbsd 3.7
NA
CVE-2006-6164
The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges.
Openbsd Openbsd 4.0
Openbsd Openbsd 3.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »