Openbsd

Openbsd

196 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2016-6246

Exploit
  • EPSS 0.05%
  • Veröffentlicht 07.03.2017 16:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node.

5.5

CVE-2016-6247

Exploit
  • EPSS 0.04%
  • Veröffentlicht 07.03.2017 16:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist.

5.5

CVE-2016-6350

Exploit
  • EPSS 0.15%
  • Veröffentlicht 07.03.2017 16:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9.

5.5

CVE-2016-6522

Exploit
  • EPSS 0.08%
  • Veröffentlicht 07.03.2017 16:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping.

7.8

CVE-2016-6244

Exploit
  • EPSS 1.05%
  • Veröffentlicht 07.03.2017 15:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The sys_thrsigdivert function in kern/kern_sig.c in the OpenBSD kernel 5.9 allows remote attackers to cause a denial of service (panic) via a negative "ts.tv_sec" value.

5

CVE-2014-7250

  • EPSS 3.73%
  • Veröffentlicht 12.12.2014 03:03:47
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets...

9.3

CVE-2011-2895

  • EPSS 7.02%
  • Veröffentlicht 19.08.2011 17:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x...

5

CVE-2011-2168

  • EPSS 0.39%
  • Veröffentlicht 24.05.2011 23:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than C...

4.3

CVE-2011-0419

Exploit
  • EPSS 56.21%
  • Veröffentlicht 16.05.2011 17:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac...

7.2

CVE-2011-1013

  • EPSS 0.1%
  • Veröffentlicht 09.05.2011 19:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in the kernel in OpenBSD before 4.9 allows l...