Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openbsd
(Openbsd)Repositories | https://github.com/openbsd/src |
#Vulnerabilities | 185 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-12-10 | CVE-2012-1577 | lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0. | Debian_linux, Dietlibc, Openbsd | N/A | ||
2017-03-27 | CVE-2017-5850 | httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. | Openbsd | 7.5 | ||
2017-06-19 | CVE-2017-1000372 | A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions. | Openbsd | 9.8 | ||
2005-05-31 | CVE-2005-0356 | Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. | Alaxala_networks, Agent_desktop, Aironet_ap1200, Aironet_ap350, Call_manager, Ciscoworks_1105_hosting_solution_engine, Ciscoworks_1105_wireless_lan_solution_engine, Ciscoworks_access_control_list_manager, Ciscoworks_cd1, Ciscoworks_common_management_foundation, Ciscoworks_common_services, Ciscoworks_lms, Ciscoworks_vpn_security_management_solution, Ciscoworks_windows, Ciscoworks_windows_wug, Conference_connection, Content_services_switch_11000, Content_services_switch_11050, Content_services_switch_11150, Content_services_switch_11500, Content_services_switch_11501, Content_services_switch_11503, Content_services_switch_11506, Content_services_switch_11800, E\-Mail_manager, Emergency_responder, Intelligent_contact_manager, Interactive_voice_response, Ip_contact_center_enterprise, Ip_contact_center_express, Meetingplace, Mgx_8230, Mgx_8250, Personal_assistant, Remote_monitoring_suite_option, Secure_access_control_server, Sn_5420_storage_router, Sn_5420_storage_router_firmware, Sn_5428_storage_router, Support_tools, Unity_server, Web_collaboration_option, Webns, Tmos, Freebsd, Alaxala, Gr3000, Gr4000, Gs4000, Windows_2000, Windows_2003_server, Windows_xp, 7220_wlan_access_point, 7250_wlan_access_point, Business_communications_manager, Callpilot, Contact_center, Ethernet_routing_switch_1612, Ethernet_routing_switch_1624, Ethernet_routing_switch_1648, Optical_metro_5000, Optical_metro_5100, Optical_metro_5200, Succession_communication_server_1000, Survivable_remote_gateway, Universal_signaling_point, Openbsd, Rt105, Rt250i, Rt300i, Rt57i, Rtv700, Rtx1000, Rtx1100, Rtx1500, Rtx2000 | N/A | ||
2018-08-01 | CVE-2018-14775 | tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service (system crash) due to incorrect I/O port access control on the i386 architecture. | Openbsd | 5.5 | ||
2017-06-19 | CVE-2017-1000373 | The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects OpenBSD 6.1 and possibly earlier versions. | Openbsd | 6.5 | ||
2017-03-07 | CVE-2016-6522 | Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping. | Openbsd | 5.5 | ||
2017-03-07 | CVE-2016-6350 | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9. | Openbsd | 5.5 | ||
2017-03-07 | CVE-2016-6247 | OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist. | Openbsd | 5.5 | ||
2017-03-07 | CVE-2016-6246 | OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node. | Openbsd | 4.4 |