Filtered by vendor Openbsd
Subscribe
Total
320 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-12434 | 1 Openbsd | 1 Libressl | 2024-02-28 | 1.9 LOW | 4.7 MEDIUM |
| LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. | |||||
| CVE-2016-10708 | 4 Canonical, Debian, Netapp and 1 more | 12 Ubuntu Linux, Debian Linux, Cloud Backup and 9 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c. | |||||
| CVE-2018-8970 | 1 Openbsd | 1 Libressl | 2024-02-28 | 5.8 MEDIUM | 7.4 HIGH |
| The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: the LibreSSL documentation indicates that this special case is supported, but the BoringSSL documentation does not. | |||||
| CVE-2015-7687 | 2 Fedoraproject, Openbsd | 2 Fedora, Opensmtpd | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta. | |||||
| CVE-2017-15906 | 5 Debian, Netapp, Openbsd and 2 more | 22 Debian Linux, Active Iq Unified Manager, Cloud Backup and 19 more | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. | |||||
| CVE-2017-1000372 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions. | |||||
| CVE-2017-1000373 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 6.4 MEDIUM | 6.5 MEDIUM |
| The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects OpenBSD 6.1 and possibly earlier versions. | |||||
| CVE-2017-5850 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. | |||||
| CVE-2016-1908 | 4 Debian, Openbsd, Oracle and 1 more | 9 Debian Linux, Openssh, Linux and 6 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server. | |||||
| CVE-2017-8301 | 1 Openbsd | 1 Libressl | 2024-02-28 | 2.6 LOW | 5.3 MEDIUM |
| LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx. | |||||
| CVE-2016-6247 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist. | |||||
| CVE-2016-6240 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
| Integer truncation error in the amap_alloc function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. | |||||
| CVE-2016-6239 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| The mmap extension __MAP_NOFAULT in OpenBSD 5.8 and 5.9 allows attackers to cause a denial of service (kernel panic and crash) via a large size value. | |||||
| CVE-2016-6244 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value. | |||||
| CVE-2016-6243 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call. | |||||
| CVE-2016-10009 | 1 Openbsd | 1 Openssh | 2024-02-28 | 7.5 HIGH | 7.3 HIGH |
| Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket. | |||||
| CVE-2016-6350 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9. | |||||
| CVE-2016-10010 | 1 Openbsd | 1 Openssh | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
| sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c. | |||||
| CVE-2016-6246 | 1 Openbsd | 1 Openbsd | 2024-02-28 | 4.9 MEDIUM | 4.4 MEDIUM |
| OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node. | |||||
| CVE-2016-6210 | 1 Openbsd | 1 Openssh | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided. | |||||