27 matches found
CVE-2004-0492
Apache mod_proxy vulnerability CVE-2004-0492 is a heap-based overflow in proxy_util.c affecting Apache 1.3.25–1.3.31. A remote attacker can trigger a denial of service (process crash) and possibly execute arbitrary code by sending a negative Content-Length header, causing excessive data copy. The...
CVE-2023-52556
CVE-2023-52556 affects OpenBSD 7.4 before errata 009. The issue is a race condition in pf(4) packet processing and the expiration of packet states that can trigger a kernel panic. Impact is a local denial (kernel crash) described in the OpenBSD advisory, with no exposed remote vector. Remediation...
CVE-2004-0418
CVE-2004-0418 describes an out-of-bounds write vulnerability in CVS servers caused by improper handling of empty data lines in the serve_notify path. Affected CVS versions include CVS 1.12.x (up to 1.12.8) and 1.11.x (up to 1.11.16). The issue could enable remote attackers to execute arbitrary co...
CVE-2022-48437
CVE-2022-48437 affects LibreSSL prior to 3.6.1 and OpenBSD prior to 7.2 with errata 001. The issue is in x509/x509_verify.c where x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, causing an incorrect error to be returned when a verification callback...
CVE-2023-52557
OpenBSD 7.3 prior to errata 016 is affected. The npppd(8) component may crash when processing an L2TP message containing an AVP with an incorrect length. The issue is addressed by OpenBSD patch errata 016 for 7.3 (reference patches: 016_npppd.patch.sig; commit abf3a29384c582c807a621e7fc6e7c68d0ca...
CVE-2021-46880
The CVE-2021-46880 issue affects LibreSSL before 3.4.2 and OpenBSD before 7.0 errata 006, where an error for an unverified certificate chain is sometimes discarded during x509_verify.c processing, allowing authentication bypass. This is documented as a high-impact vulnerability with CVSS 3.1 vect...
CVE-2004-0416
The CVE-2004-0416 issue affects CVS servers: a double-free in error_prog_name in CVS 1.12.x (1.12.8 and earlier) and 1.11.x (1.11.16 and earlier) can enable remote attackers to execute arbitrary code via the CVS server. It can also contribute to denial of service in some contexts. Affected deploy...
CVE-2006-6730
CVE-2006-6730 affects OpenBSD and NetBSD. The vulnerability allows local users to execute code with root privileges by killing the display server and writing to the X.Org /dev/xf86 device to replace the System Management Mode (SMM) handler via an SMRAM write within /dev/xf86 (the video card RAM r...
CVE-1999-1225
Concretely, CVE-1999-1225 affects rpc.mountd and is described in SGI IRIX advisories as allowing a remote tester to probe for the existence of files by issuing mount requests, leading to distinguishable error messages. The SGI advisory fixes this by patching/upgrading IRIX (upgrade to IRIX 6.5.23...
CVE-2004-0414
CVE-2004-0414 involves CVS (versions circa 1.12.x and 1.11.x) with insufficient input validation on Entry lines, leading to denial of service, data corruption, or arbitrary code execution. Connected sources confirm related issues (CVE-2004-0416, -0417, -0418) affecting CVS server behavior (Argume...
CVE-2024-11148
CVE-2024-11148 affects OpenBSD 7.3 before errata 020 and OpenBSD 7.4 before errata 006, where httpd(8) is vulnerable to a NULL dereference when processing malformed FastCGI requests. The underlying issue is a null dereference in the HTTP server’s FastCGI handling path, leading to denial of servic...
CVE-2004-0417
CVS-2004-0417 involves an Integer overflow in the Max-dotdot command (serve_max_dotdot) affecting CVS 1.12.x (up to 1.12.8) and 1.11.x (up to 1.11.16). The issue can let remote attackers crash the CVS server, potentially leaving undeleted data and consuming disk space (DoS). Publicly available fi...
CVE-2001-0670
CVE-2001-0670 is a remote buffer overflow in the BSD line printer daemon (in.lpd/lpd) that can allow an attacker to execute arbitrary code with elevated privileges. The vulnerability is triggered by a crafted, incomplete print job followed by a request to display the printer queue, and the attack...
CVE-2023-52558
CVE-2023-52558 affects OpenBSD 7.4 before errata 002 and OpenBSD 7.3 before errata 019. A kernel crash can occur from a network buffer that must be split at a certain length after receiving specially crafted escape sequences. The issue arises in the m_split handling; patches 002_msplit.patch (Ope...
CVE-2006-6397
The CVE-2006-6397 entry concerns an alleged integer overflow in the banner/banner.c component across FreeBSD, NetBSD, and OpenBSD. The issue is disputed by CVE and others and, because the banner is not setuid, an exploit would not cross privilege boundaries in normal operations; the notes explici...
CVE-2025-30334
CVE-2025-30334 affects OpenBSD 7.6 before errata 006 and OpenBSD 7.5 before errata 015. The issue is triggered by traffic sent over wg(4), which can cause a kernel crash. Public details in the CVE entry and patches indicate mitigations via OpenBSD patches 006_wg.patch.sig and 015_wg.patch.sig, ad...
CVE-1999-0483
OpenBSD crash vulnerability CVE-1999-0483 affects FFS and EXT2FS filesystems. The root cause is handling an improper nlink value, leading to a crash (local, with low impact on confidentiality/integrity and partial impact on availability per CVSS). Exploitation details, affected product versions, ...
CVE-1999-0484
The consolidated data confirms CVE-1999-0484 is a vulnerability described as a buffer overflow in OpenBSD ping. The Red Hat and CVE records reproduce the same description. No technical specifics are provided in the connected documents regarding affected versions, exact root cause details, exploit...
CVE-2000-0995
CVE-2000-0995 describes a format-string vulnerability in the OpenBSD yp_passwd utility (and possibly other BSD-based OSes) that can allow an attacker to gain root privileges via a malformed name. The initial description states the vulnerability and impact; a patch is referenced (028_format_string...
CVE-2024-10934
CVE-2024-10934 affects OpenBSD NFS components (client and server) on OpenBSD 7.4 before errata 021 and 7.5 before errata 008, due to a mbuf double-free and use of an uninitialized variable in NFS server error handling. The vulnerability is tied to the same CVE entry across multiple feeds; patches...
CVE-2024-11149
OpenBSD 7.4 prior to errata 014 contains a vulnerability in vmm(4) where the GDTR limits were not properly restored on Intel (VMX) CPUs. The issue affects the vmm subsystem, specifically the GDTR handling in the virtual machine monitor, leading to potential misbehavior on affected Intel VMX hosts...
CVE-2024-10933
OpenBSD CVE-2024-10933 affects OpenBSD 7.4 and 7.5 prior to specific patches: readdir name validation must exclude the character '/'. The underlying issue is improper validation of readdir names that can lead to unexpected directory traversal on untrusted file systems. Affected versions: 7.4 befo...
CVE-1999-0482
The vulnerability CVE-1999-0482 affects the OpenBSD kernel, with the crash triggered by the crashme program during TSS handling. The issue is a kernel crash path in TSS processing; concrete affected component is the kernel’s TSS handling, but the connected documents do not provide specific affect...
CVE-2000-0996
CVE-2000-0996: A format-string vulnerability in the OpenBSD su utility (and possibly other BSD-based OSes) allows a local attacker to gain root privileges via a malformed shell. The issue is described in the NVD entry with a CVSS v2 base score of 7.2 (HIGH) and LOCAL, LOW–complexity conditions, e...
CVE-2002-0381
The CVE-2002-0381 entry concerns the TCP implementation in various BSD operating systems (tcp_input.c) that fails to properly block connections to broadcast addresses. This allows remote attackers to bypass filters by sending packets with a unicast link-layer address to an IP broadcast address. A...
CVE-2002-0701
Technical details (affected products, versions, root cause, fixes) are not publicly available in the provided connected documents; monitor for updates.
CVE-2026-56099
OpenBSD before commit 6a23123 (2026-06-18) contains an out-of-bounds read in sys/netmpls/mpls_input.c:mpls_do_error, allowing remote disclosure of kernel stack memory by crafting MPLS frames with 16 labels and no Bottom-of-Stack bit. Affected component is the MPLS input handling path; root cause ...