Lucene search

Openbsd

10 matches found

CVE | added 2019/12/10 7:15 p.m. | 1805 views

CVE-2012-1577

lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0.

9.8 CVSS | 9.4 AI score | 0.00914 EPSS

CVE | added 2023/06/16 8:15 p.m. | 368 views

CVE-2023-35784

A double free or use after free could occur after SSL_clear in OpenBSD 7.2 before errata 026 and 7.3 before errata 004, and in LibreSSL before 3.6.3 and 3.7.x before 3.7.3. NOTE: OpenSSL is not affected.

9.8 CVSS | 9.4 AI score | 0.00107 EPSS

CVE | added 2020/07/28 12:15 p.m. | 267 views

CVE-2020-16088

iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches.

9.8 CVSS | 9.5 AI score | 0.00161 EPSS

CVE | added 2011/08/19 5:55 p.m. | 253 views

CVE-2011-2895

The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products...

9.3 CVSS | 7.3 AI score | 0.09814 EPSS

CVE | added 2008/10/03 3:7 p.m. | 117 views

CVE-2008-2476

The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows re...

9.3 CVSS | 6.2 AI score | 0.14849 EPSS

CVE | added 2017/06/19 4:29 p.m. | 84 views

CVE-2017-1000372

A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it, resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. This affects OpenBSD 6.1 and possibly earlier versions.

9.8 CVSS | 9.7 AI score | 0.05368 EPSS

CVE | added 2019/12/05 12:15 a.m. | 83 views

CVE-2019-19521

libc in OpenBSD 6.6 allows authentication bypass via the -schallenge username, as demonstrated by smtpd, ldapd, or radiusd. This is related to gen/auth_subr.c and gen/authenticate.c in libc (and login/login.c and xenocara/app/xenodm/greeter/verify.c).

9.8 CVSS | 9.5 AI score | 0.00491 EPSS

CVE | added 2023/04/15 12:15 a.m. | 54 views

CVE-2021-46880

x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.

9.8 CVSS | 9.6 AI score | 0.00031 EPSS

CVE | added 2024/11/15 8:15 p.m. | 38 views

CVE-2024-10934

In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server.

9.8 CVSS | 9.8 AI score | 0.00236 EPSS

CVE | added 2024/04/11 1:25 a.m. | 30 views

CVE-2024-29937

NFS in a BSD derived codebase, as used in OpenBSD through 7.4 and FreeBSD through 14.0-RELEASE, allows remote attackers to execute arbitrary code via a bug that is unrelated to memory corruption.

9.8 CVSS | 8 AI score | 0.04281 EPSS