Filtered by vendor Openbsd
Subscriptions
Filtered by product Openbsd
Subscriptions
Total
203 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-34999 | 1 Openbsd | 1 Openbsd | 2025-08-14 | 5.5 Medium |
OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of multicast routing. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. . Was ZDI-CAN-14540. | ||||
CVE-2021-35000 | 1 Openbsd | 1 Openbsd | 2025-08-14 | N/A |
OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of multicast routing. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. . Was ZDI-CAN-16112. | ||||
CVE-2024-10933 | 1 Openbsd | 1 Openbsd | 2025-07-13 | 5 Medium |
In OpenBSD 7.5 before errata 009 and OpenBSD 7.4 before errata 022, exclude any '/' in readdir name validation to avoid unexpected directory traversal on untrusted file systems. | ||||
CVE-2024-29937 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2025-06-17 | 9.8 Critical |
NFS in a BSD derived codebase, as used in OpenBSD through 7.4 and FreeBSD through 14.0-RELEASE, allows remote attackers to execute arbitrary code via a bug that is unrelated to memory corruption. | ||||
CVE-2017-1000372 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions. | ||||
CVE-2017-1000373 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects OpenBSD 6.1 and possibly earlier versions. | ||||
CVE-2016-6522 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping. | ||||
CVE-2016-6243 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call. | ||||
CVE-2016-6246 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node. | ||||
CVE-2016-6244 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value. | ||||
CVE-2016-6245 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a large size in a getdents system call. | ||||
CVE-2016-6350 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9. | ||||
CVE-2016-6241 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. | ||||
CVE-2016-6247 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist. | ||||
CVE-2016-6242 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call. | ||||
CVE-2017-5850 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. | ||||
CVE-2016-6239 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attackers to cause a denial of service (kernel panic and crash) via a large size value. | ||||
CVE-2016-6240 | 1 Openbsd | 1 Openbsd | 2025-04-20 | N/A |
Integer truncation error in the amap_alloc function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. | ||||
CVE-2014-7250 | 4 Bsd, Freebsd, Netbsd and 1 more | 4 Bsd, Freebsd, Netbsd and 1 more | 2025-04-12 | N/A |
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets. | ||||
CVE-2011-1013 | 3 Linux, Openbsd, Redhat | 4 Linux Kernel, Openbsd, Enterprise Linux and 1 more | 2025-04-11 | N/A |
Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via a crafted num_crtcs (aka vb_num) structure member in an ioctl argument. |