Vulnerabilities > Openbsd > Openbsd > 4.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-15 | CVE-2021-46880 | Improper Certificate Validation vulnerability in Openbsd x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded. | 9.8 |
2023-04-12 | CVE-2022-48437 | Improper Certificate Validation vulnerability in Openbsd An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. | 5.3 |
2021-06-22 | CVE-2010-4816 | NULL Pointer Dereference vulnerability in Openbsd It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service. | 5.0 |
2020-07-28 | CVE-2020-16088 | Improper Authentication vulnerability in Openbsd iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has the wrong logic for checking whether a public key matches. | 7.5 |
2019-12-12 | CVE-2019-19726 | Improper Privilege Management vulnerability in Openbsd OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit. | 7.8 |
2019-08-26 | CVE-2019-8460 | Unspecified vulnerability in Openbsd OpenBSD kernel version <= 6.5 can be forced to create long chains of TCP SACK holes that causes very expensive calls to tcp_sack_option() for every incoming SACK packet which can lead to a denial of service. | 5.0 |
2017-06-19 | CVE-2017-1000373 | Resource Exhaustion vulnerability in Openbsd The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. | 6.4 |
2017-06-19 | CVE-2017-1000372 | Security Bypass vulnerability in OpenBSD A flaw exists in OpenBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using setuid binaries such as /usr/bin/at. | 7.5 |
2009-10-06 | CVE-2009-3572 | Local Denial of Service vulnerability in Openbsd 4.4/4.5/4.6 OpenBSD 4.4, 4.5, and 4.6, when running on an i386 kernel, does not properly handle XMM exceptions, which allows local users to cause a denial of service (kernel panic) via unspecified vectors. | 4.9 |