Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openbsd
(Openbsd)Repositories | https://github.com/openbsd/src |
#Vulnerabilities | 185 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2017-03-07 | CVE-2016-6244 | The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value. | Openbsd | 7.5 | ||
2017-03-07 | CVE-2016-6243 | thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call. | Openbsd | 5.5 | ||
2017-03-07 | CVE-2016-6242 | OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call. | Openbsd | 5.5 | ||
2017-03-07 | CVE-2016-6241 | Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. | Openbsd | 7.8 | ||
2017-03-07 | CVE-2016-6240 | Integer truncation error in the amap_alloc function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. | Openbsd | 7.8 | ||
2017-03-07 | CVE-2016-6239 | The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attackers to cause a denial of service (kernel panic and crash) via a large size value. | Openbsd | 5.5 | ||
2014-12-12 | CVE-2014-7250 | The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets. | Bsd, Freebsd, Netbsd, Openbsd | N/A | ||
2011-08-19 | CVE-2011-2895 | The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer... | Freebsd, Freetype, Netbsd, Openbsd, Libxfont | N/A | ||
2011-03-02 | CVE-2010-4755 | The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632. | Freebsd, Netbsd, Openbsd, Openssh | N/A | ||
2011-03-02 | CVE-2010-4754 | The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. | Mac_os_x, Freebsd, Netbsd, Openbsd | N/A |