Vulnerabilities > Openbsd
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-11 | CVE-2016-1908 | Improper Authentication vulnerability in multiple products The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server. | 9.8 |
| 2017-03-27 | CVE-2017-5850 | Allocation of Resources Without Limits or Throttling vulnerability in Openbsd 6.0 httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. | 7.5 |
| 2017-03-07 | CVE-2016-6522 | Integer Overflow or Wraparound vulnerability in Openbsd 5.9 Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping. | 5.5 |
| 2017-03-07 | CVE-2016-6350 | NULL Pointer Dereference vulnerability in Openbsd 5.8/5.9 OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (NULL pointer dereference and panic) via a sysctl call with a path starting with 10,9. | 5.5 |
| 2017-03-07 | CVE-2016-6247 | Improper Input Validation vulnerability in Openbsd 5.8/5.9 OpenBSD 5.8 and 5.9 allows certain local users to cause a denial of service (kernel panic) by unmounting a filesystem with an open vnode on the mnt_vnodelist. | 5.5 |
| 2017-03-07 | CVE-2016-6246 | Improper Input Validation vulnerability in Openbsd 5.8/5.9 OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node. | 4.4 |
| 2017-03-07 | CVE-2016-6245 | Unspecified vulnerability in Openbsd 5.8/5.9 OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a large size in a getdents system call. | 5.5 |
| 2017-03-07 | CVE-2016-6243 | Improper Input Validation vulnerability in Openbsd 5.8/5.9 thrsleep in kern/kern_synch.c in OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (kernel panic) via a crafted value in the tsp parameter of the __thrsleep system call. | 5.5 |
| 2017-03-07 | CVE-2016-6242 | Numeric Errors vulnerability in Openbsd 5.8/5.9 OpenBSD 5.8 and 5.9 allows local users to cause a denial of service (assertion failure and kernel panic) via a large ident value in a kevent system call. | 5.5 |
| 2017-03-07 | CVE-2016-6241 | Integer Overflow or Wraparound vulnerability in Openbsd 5.8/5.9 Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value. | 7.8 |