OpenBSD 2.6

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*

part: o version: 2.6 update: *

VendorOpenbsd (932cdfc2-94b9-5fb6-8ef3-d0b271f414b5)
ProductOpenbsd (53340739-b0b7-5bcf-88ee-45d5aaf96683)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/openbsd/src purl2cpe 2026-06-01 10:17:38.225326
pkg:openbsd/openbsd purl2cpe 2026-06-01 10:17:38.225328

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2011-2895 vulnerable 2026-06-08 04:58:09.433696 Details available
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
Published: 2011-08-19T17:00:00.000Z
Updated: 2024-08-06T23:15:31.486Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-2168 vulnerable 2026-06-08 04:58:04.425322 Details available
Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than CVE-2011-0418.
Published: 2011-05-24T23:00:00.000Z
Updated: 2024-08-06T22:53:16.829Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-0537 vulnerable 2026-06-08 04:51:09.881315 Details available
Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as demonstrated by (a) du, (b) rm, (c) chmod, and (d) chgrp on OpenBSD; and (e) SearchIndexer.exe on Vista Enterprise.
Published: 2009-03-09T21:00:00.000Z
Updated: 2024-08-07T04:40:03.697Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-4609 vulnerable 2026-06-08 04:50:47.227856 Details available
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
Published: 2008-10-20T17:00:00.000Z
Updated: 2024-08-07T10:24:20.677Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-1148 not_vulnerable 2026-06-08 04:50:19.161277 Details available
A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting.
Published: 2008-03-04T23:00:00.000Z
Updated: 2024-08-07T08:08:57.600Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-1147 not_vulnerable 2026-06-08 04:50:19.156421 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-1146 not_vulnerable 2026-06-08 04:50:19.141465 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-0740 vulnerable 2026-06-08 04:48:13.501363 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2003-1366 vulnerable 2026-06-08 04:47:47.420285 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2003-0144 vulnerable 2026-06-08 04:47:20.798575 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2003-0028 vulnerable 2026-06-08 04:47:20.305163 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2002-2180 vulnerable 2026-06-08 04:47:19.280900 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2002-2092 vulnerable 2026-06-08 04:47:19.073572 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2002-1915 vulnerable 2026-06-08 04:47:18.485356 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2002-0414 vulnerable 2026-06-08 04:46:21.381640 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2001-1047 vulnerable 2026-06-08 04:45:21.335005 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2001-0554 vulnerable 2026-06-08 04:45:20.489491 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2001-0247 vulnerable 2026-06-08 04:45:19.957514 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2001-0053 vulnerable 2026-06-08 04:45:19.647074 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-1010 vulnerable 2026-06-08 04:45:19.137410 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-1004 vulnerable 2026-06-08 04:45:19.129617 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-0997 vulnerable 2026-06-08 04:45:19.119934 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-0994 vulnerable 2026-06-08 04:45:19.117080 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-0993 vulnerable 2026-06-08 04:45:19.116650 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-0914 vulnerable 2026-06-08 04:45:18.968967 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-0751 vulnerable 2026-06-08 04:45:18.720277 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-0750 vulnerable 2026-06-08 04:45:18.719711 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-0489 vulnerable 2026-06-08 04:45:18.150910 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-0313 vulnerable 2026-06-08 04:44:58.451503 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2000-0092 vulnerable 2026-06-08 04:44:58.386636 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.