Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-27881
engine.c in slaacd in OpenBSD 6.9 and 7.0 prior to 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation.
Openbsd Openbsd 7.0
Openbsd Openbsd 6.9
5
CVSSv2
CVE-2022-27882
slaacd in OpenBSD 6.9 and 7.0 prior to 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation.
Openbsd Openbsd 6.9
Openbsd Openbsd 7.0
7.2
CVSSv2
CVE-2006-6164
The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges.
Openbsd Openbsd 4.0
Openbsd Openbsd 3.9
10
CVSSv2
CVE-2001-0053
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote malicious users to gain root privileges.
David Madore Ftpd-bsd 0.2.3
Openbsd Openbsd 2.6
Openbsd Openbsd 2.7
Netbsd Netbsd 1.4.2
Netbsd Netbsd 1.5
Openbsd Openbsd 2.4
Openbsd Openbsd 2.5
Netbsd Netbsd 1.4
Netbsd Netbsd 1.4.1
Openbsd Openbsd 2.8
2 EDB exploits
7.5
CVSSv2
CVE-2001-1459
OpenSSH 2.9 and previous versions does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d.
Openbsd Openssh 2.3
Openbsd Openssh 2.5
Openbsd Openssh 2.5.1
Openbsd Openssh 2.5.2
Openbsd Openssh 2.1.1
Openbsd Openssh 2.2
Openbsd Openssh 2.1
Openbsd Openssh 2.9
5.8
CVSSv2
CVE-2014-2653
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and previous versions allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
Openbsd Openssh 6.4
Openbsd Openssh 6.3
Openbsd Openssh 6.5
Openbsd Openssh 6.2
Openbsd Openssh 6.1
Openbsd Openssh 6.0
Openbsd Openssh
NA
CVE-2023-29323
ascii_load_sockaddr in smtpd in OpenBSD prior to 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable prior to 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address.
Openbsd Openbsd 7.2
Opensmtpd Opensmtpd
Openbsd Openbsd 7.1
NA
CVE-2021-46880
x509/x509_verify.c in LibreSSL prior to 3.4.2, and OpenBSD prior to 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.
Openbsd Openbsd
Openbsd Libressl
NA
CVE-2022-48437
An issue exists in x509/x509_verify.c in LibreSSL prior to 3.6.1, and in OpenBSD prior to 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there...
Openbsd Openbsd
Openbsd Libressl
7.5
CVSSv2
CVE-2000-0750
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote malicious users to execute arbitrary commands via a long file name.
Netbsd Netbsd 1.4.2
Redhat Linux 6.0
Redhat Linux 6.2
Openbsd Openbsd 2.4
Openbsd Openbsd 2.5
Openbsd Openbsd 2.6
Openbsd Openbsd 2.7
Netbsd Netbsd 1.4.1
Redhat Linux 6.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »