Filtered by vendor Openbsd
Subscribe
Total
331 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1145 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 6.2 MEDIUM | N/A |
| fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. | |||||
| CVE-2002-0572 | 3 Freebsd, Openbsd, Sun | 4 Freebsd, Openbsd, Solaris and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
| FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files. | |||||
| CVE-2003-0693 | 1 Openbsd | 1 Openssh | 2025-04-03 | 10.0 HIGH | N/A |
| A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695. | |||||
| CVE-2004-0114 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges. | |||||
| CVE-1999-0304 | 4 Bsdi, Freebsd, Netbsd and 1 more | 4 Bsd Os, Freebsd, Netbsd and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
| mmap function in BSD allows local attackers in the kmem group to modify memory through devices. | |||||
| CVE-2001-0402 | 3 Darren Reed, Freebsd, Openbsd | 3 Ipfilter, Freebsd, Openbsd | 2025-04-03 | 7.5 HIGH | N/A |
| IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port. | |||||
| CVE-2003-1562 | 1 Openbsd | 1 Openssh | 2025-04-03 | 7.6 HIGH | N/A |
| sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password step of a multi-step authentication is successful, a different vulnerability than CVE-2003-0190. | |||||
| CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | |||||
| CVE-2006-0098 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| The dupfdopen function in sys/kern/kern_descrip.c in OpenBSD 3.7 and 3.8 allows local users to re-open arbitrary files by using setuid programs to access file descriptors using /dev/fd/. | |||||
| CVE-2003-0786 | 1 Openbsd | 1 Openssh | 2025-04-03 | 10.0 HIGH | N/A |
| The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges. | |||||
| CVE-2001-1382 | 1 Openbsd | 1 Openssh | 2025-04-03 | 5.0 MEDIUM | N/A |
| The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used. | |||||
| CVE-2003-0078 | 3 Freebsd, Openbsd, Openssl | 3 Freebsd, Openbsd, Openssl | 2025-04-03 | 5.0 MEDIUM | N/A |
| ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack." | |||||
| CVE-1999-0724 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function. | |||||
| CVE-2004-0482 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs.c, (3) procfs_linux.c, (4) procfs_regs.c, (5) procfs_status.c, and (6) procfs_subr.c in procfs for OpenBSD 3.5 and earlier allow local users to read sensitive kernel memory and possibly perform other unauthorized activities. | |||||
| CVE-1999-1214 | 5 Bsd, Freebsd, Netbsd and 2 more | 5 Bsd, Freebsd, Netbsd and 2 more | 2025-04-03 | 2.1 LOW | N/A |
| The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. | |||||
| CVE-2000-0574 | 2 Openbsd, Washington University | 2 Ftpd, Wu-ftpd | 2025-04-03 | 5.0 MEDIUM | N/A |
| FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-2000-0914 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests. | |||||
| CVE-2005-0740 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout. | |||||
| CVE-2003-0190 | 3 Openbsd, Openpkg, Siemens | 6 Openssh, Openpkg, Scalance X204rna and 3 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack. | |||||
| CVE-2005-0637 | 1 Openbsd | 1 Openbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory. | |||||