CVE-2023-29323
- EPSS 0.28%
- Veröffentlicht 04.04.2023 23:15:07
- Zuletzt bearbeitet 04.11.2025 19:15:42
ascii_load_sockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable before 7.0.0-portable commit f748277, can abort upon a connection from a local, scoped IPv6 address.
CVE-2023-27567
- EPSS 0.76%
- Veröffentlicht 03.03.2023 22:15:10
- Zuletzt bearbeitet 06.03.2025 17:15:17
In OpenBSD 7.2, a TCP packet with destination port 0 that matches a pf divert-to rule can crash the kernel.
CVE-2022-27882
- EPSS 1.88%
- Veröffentlicht 25.03.2022 18:15:28
- Zuletzt bearbeitet 21.11.2024 06:56:24
slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation.
CVE-2010-4816
- EPSS 2.42%
- Veröffentlicht 22.06.2021 14:15:08
- Zuletzt bearbeitet 21.11.2024 01:21:50
It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.
CVE-2020-26142
- EPSS 2.08%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 21.11.2024 05:19:21
An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-16088
- EPSS 2.42%
- Veröffentlicht 28.07.2020 12:15:12
- Zuletzt bearbeitet 21.11.2024 05:06:44
iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches.
CVE-2011-3336
- EPSS 6.49%
- Veröffentlicht 12.02.2020 20:15:13
- Zuletzt bearbeitet 21.11.2024 01:30:17
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
CVE-2019-19726
- EPSS 3.52%
- Veröffentlicht 12.12.2019 01:15:10
- Zuletzt bearbeitet 21.11.2024 04:35:15
OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit. When executing chpass or passwd (which are setuid root), _dl_setup_e...
CVE-2019-14899
- EPSS 0.84%
- Veröffentlicht 11.12.2019 15:15:14
- Zuletzt bearbeitet 21.11.2024 04:27:38
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiti...
CVE-2012-1577
- EPSS 1.55%
- Veröffentlicht 10.12.2019 19:15:14
- Zuletzt bearbeitet 21.11.2024 01:37:14
lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0.