CVE-2021-34999
- EPSS 0.24%
- Veröffentlicht 07.05.2024 23:15:13
- Zuletzt bearbeitet 14.08.2025 01:40:22
OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the abi...
CVE-2021-35000
- EPSS 0.25%
- Veröffentlicht 07.05.2024 23:15:13
- Zuletzt bearbeitet 14.08.2025 01:39:31
OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of OpenBSD Kernel. An attacker must first obtain the abi...
CVE-2024-29937
- EPSS 1.76%
- Veröffentlicht 11.04.2024 01:25:15
- Zuletzt bearbeitet 17.06.2025 20:54:57
NFS in a BSD derived codebase, as used in OpenBSD through 7.4 and FreeBSD through 14.0-RELEASE, allows remote attackers to execute arbitrary code via a bug that is unrelated to memory corruption.
CVE-2023-52556
- EPSS 0.14%
- Veröffentlicht 01.03.2024 17:15:07
- Zuletzt bearbeitet 10.10.2025 17:44:19
In OpenBSD 7.4 before errata 009, a race condition between pf(4)'s processing of packets and expiration of packet states may cause a kernel panic.
CVE-2023-52557
- EPSS 0.56%
- Veröffentlicht 01.03.2024 17:15:07
- Zuletzt bearbeitet 10.10.2025 17:46:02
In OpenBSD 7.3 before errata 016, npppd(8) could crash by a l2tp message which has an AVP (Attribute-Value Pair) with wrong length.
CVE-2023-52558
- EPSS 0.7%
- Veröffentlicht 01.03.2024 17:15:07
- Zuletzt bearbeitet 10.10.2025 17:36:59
In OpenBSD 7.4 before errata 002 and OpenBSD 7.3 before errata 019, a network buffer that had to be split at certain length that could crash the kernel after receiving specially crafted escape sequences.
CVE-2023-40216
- EPSS 0.14%
- Veröffentlicht 10.08.2023 16:15:09
- Zuletzt bearbeitet 21.11.2024 08:19:01
OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation. This could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences.
CVE-2023-35784
- EPSS 0.95%
- Veröffentlicht 16.06.2023 20:15:09
- Zuletzt bearbeitet 21.11.2024 08:08:41
A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected.
CVE-2021-46880
- EPSS 0.57%
- Veröffentlicht 15.04.2023 00:15:07
- Zuletzt bearbeitet 07.02.2025 16:15:33
x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.
CVE-2022-48437
- EPSS 0.36%
- Veröffentlicht 12.04.2023 05:15:07
- Zuletzt bearbeitet 10.02.2025 17:15:15
An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returne...