Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2018-14775
tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service (system crash) due to incorrect I/O port access control on the i386 architecture.
Openbsd Openbsd 6.2
Openbsd Openbsd 6.3
1 Github repository
1.9
CVSSv2
CVE-2018-12434
LibreSSL prior to 2.6.5 and 2.7.x prior to 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on...
Openbsd Libressl 2.7.0
Openbsd Libressl 2.7.3
Openbsd Libressl 2.7.2
Openbsd Libressl 2.7.1
Openbsd Libressl
5.8
CVSSv2
CVE-2018-8970
The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 prior to 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle malicious users ...
Openbsd Libressl 2.7.0
1 Github repository
7.5
CVSSv2
CVE-2015-7687
Use-after-free vulnerability in OpenSMTPD prior to 5.7.2 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta.
Openbsd Opensmtpd
Fedoraproject Fedora 22
Fedoraproject Fedora 23
7.5
CVSSv2
CVE-2017-1000372
A flaw exists in OpenBSD's implementation of the stack guard page that allows malicious users to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions.
Openbsd Openbsd
6.4
CVSSv2
CVE-2017-1000373
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows malicious users to consume arbitrary amounts of stack memory and manipulate st...
Openbsd Openbsd
1 EDB exploit
2.6
CVSSv2
CVE-2017-8301
LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx.
Openbsd Libressl 2.5.3
Openbsd Libressl 2.5.2
Openbsd Libressl 2.5.1
7.8
CVSSv2
CVE-2017-5850
httpd in OpenBSD allows remote malicious users to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header.
Openbsd Openbsd 6.0
1 EDB exploit
1 Article
7.2
CVSSv2
CVE-2016-6241
Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value.
Openbsd Openbsd 5.9
Openbsd Openbsd 5.8
4.9
CVSSv2
CVE-2016-6242
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call.
Openbsd Openbsd 5.9
Openbsd Openbsd 5.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »