Product:

Openbsd

(Openbsd)
Repositories https://github.com/openbsd/src
#Vulnerabilities 185
Date Id Summary Products Score Patch Annotated
2004-10-20 CVE-2004-0687 Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file. Openbsd, Suse_linux, X11r6, X11r6 N/A
2008-10-20 CVE-2008-4609 The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. Bsd, Bsd_os, Catalyst_blade_switch_3020_firmware, Catalyst_blade_switch_3120_firmware, Catalyst_blade_switch_3120x_firmware, Ios, Dragonflybsd, Freebsd, Linux_kernel, Windows_2000, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp, Midnightbsd, Netbsd, Openbsd, Solaris, Trustedbsd N/A
1997-10-02 CVE-1999-0061 File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). Bsd_os, Freebsd, Linux_kernel, Openbsd N/A
1998-02-01 CVE-1999-0304 mmap function in BSD allows local attackers in the kmem group to modify memory through devices. Bsd_os, Freebsd, Netbsd, Openbsd N/A
1998-05-21 CVE-1999-0303 Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. Osf_1, Netbsd, Openbsd, Solaris, Sunos N/A
1999-02-17 CVE-1999-0396 A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. Netbsd, Openbsd N/A
2022-03-25 CVE-2022-27881 engine.c in slaacd in OpenBSD 6.9 and 7.0 before 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation. Openbsd 7.5
2022-03-25 CVE-2022-27882 slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation. Openbsd 7.5
2001-08-14 CVE-2001-0554 Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. Debian_linux, Freebsd, Aix, Kerberos, Kerberos_5, Netbsd, Linux_netkit, Openbsd, Irix, Solaris, Sunos N/A
2020-07-28 CVE-2020-16088 iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches. Openbsd 9.8