Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2018-14775
tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service (system crash) due to incorrect I/O port access control on the i386 architecture.
Openbsd Openbsd 6.3
Openbsd Openbsd 6.2
1 Github repository
4.7
CVSSv3
CVE-2018-12434
LibreSSL prior to 2.6.5 and 2.7.x prior to 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on...
Openbsd Libressl 2.7.2
Openbsd Libressl 2.7.1
Openbsd Libressl 2.7.0
Openbsd Libressl
Openbsd Libressl 2.7.3
7.4
CVSSv3
CVE-2018-8970
The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 prior to 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle malicious users ...
Openbsd Libressl 2.7.0
1 Github repository
9.8
CVSSv3
CVE-2015-7687
Use-after-free vulnerability in OpenSMTPD prior to 5.7.2 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta.
Openbsd Opensmtpd
Fedoraproject Fedora 22
Fedoraproject Fedora 23
9.8
CVSSv3
CVE-2017-1000372
A flaw exists in OpenBSD's implementation of the stack guard page that allows malicious users to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions.
Openbsd Openbsd
6.5
CVSSv3
CVE-2017-1000373
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows malicious users to consume arbitrary amounts of stack memory and manipulate st...
Openbsd Openbsd
1 EDB exploit
5.3
CVSSv3
CVE-2017-8301
LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx.
Openbsd Libressl 2.5.2
Openbsd Libressl 2.5.3
Openbsd Libressl 2.5.1
7.5
CVSSv3
CVE-2017-5850
httpd in OpenBSD allows remote malicious users to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header.
Openbsd Openbsd 6.0
1 EDB exploit
1 Article
5.5
CVSSv3
CVE-2016-6522
Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping.
Openbsd Openbsd 5.9
5.5
CVSSv3
CVE-2016-6239
The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows malicious users to cause a denial of service (kernel panic and crash) via a large size value.
Openbsd Openbsd 5.9
Openbsd Openbsd 5.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »