OpenBSD 3.5
Approved changes feed: RSS · Atom
cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*
part: o version: 3.5 update: *
| Vendor | Openbsd (932cdfc2-94b9-5fb6-8ef3-d0b271f414b5) |
|---|---|
| Product | Openbsd (53340739-b0b7-5bcf-88ee-45d5aaf96683) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/openbsd/src |
purl2cpe | 2026-06-01 10:17:38.225352 |
pkg:openbsd/openbsd |
purl2cpe | 2026-06-01 10:17:38.225353 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2011-2895 |
vulnerable | 2026-06-08 04:58:09.433843 |
Details available
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
Published: 2011-08-19T17:00:00.000Z
Updated: 2024-08-06T23:15:31.486Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2168 |
vulnerable | 2026-06-08 04:58:04.431144 |
Details available
Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than CVE-2011-0418.
Published: 2011-05-24T23:00:00.000Z
Updated: 2024-08-06T22:53:16.829Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2009-0537 |
vulnerable | 2026-06-08 04:51:09.885697 |
Details available
Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as demonstrated by (a) du, (b) rm, (c) chmod, and (d) chgrp on OpenBSD; and (e) SearchIndexer.exe on Vista Enterprise.
Published: 2009-03-09T21:00:00.000Z
Updated: 2024-08-07T04:40:03.697Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-4609 |
vulnerable | 2026-06-08 04:50:47.232307 |
Details available
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
Published: 2008-10-20T17:00:00.000Z
Updated: 2024-08-07T10:24:20.677Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-1148 |
not_vulnerable | 2026-06-08 04:50:19.161429 |
Details available
A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting.
Published: 2008-03-04T23:00:00.000Z
Updated: 2024-08-07T08:08:57.600Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-1147 |
not_vulnerable | 2026-06-08 04:50:19.156570 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-1146 |
not_vulnerable | 2026-06-08 04:50:19.146025 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-0960 |
vulnerable | 2026-06-08 04:48:14.044693 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-0740 |
vulnerable | 2026-06-08 04:48:13.502899 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-0637 |
vulnerable | 2026-06-08 04:48:13.216449 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-0356 |
vulnerable | 2026-06-08 04:48:12.409527 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-2230 |
vulnerable | 2026-06-08 04:48:08.947754 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-2163 |
vulnerable | 2026-06-08 04:48:08.756938 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-1471 |
vulnerable | 2026-06-08 04:47:54.281624 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-1082 |
vulnerable | 2026-06-08 04:47:52.867412 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0819 |
vulnerable | 2026-06-08 04:47:51.422043 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0688 |
vulnerable | 2026-06-08 04:47:50.854347 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0687 |
vulnerable | 2026-06-08 04:47:50.851209 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0492 |
vulnerable | 2026-06-08 04:47:49.980639 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0482 |
vulnerable | 2026-06-08 04:47:49.933052 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0418 |
vulnerable | 2026-06-08 04:47:49.772244 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0417 |
vulnerable | 2026-06-08 04:47:49.771183 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0416 |
vulnerable | 2026-06-08 04:47:49.770186 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-0414 |
vulnerable | 2026-06-08 04:47:49.756716 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.