OpenBSD 3.6
Approved changes feed: RSS · Atom
cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*
part: o version: 3.6 update: *
| Vendor | Openbsd (932cdfc2-94b9-5fb6-8ef3-d0b271f414b5) |
|---|---|
| Product | Openbsd (53340739-b0b7-5bcf-88ee-45d5aaf96683) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/openbsd/src |
purl2cpe | 2026-06-01 10:17:38.225355 |
pkg:openbsd/openbsd |
purl2cpe | 2026-06-01 10:17:38.225356 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2014-7250 |
vulnerable | 2026-06-08 05:05:59.118301 |
Details available
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
Published: 2014-12-12T02:00:00.000Z
Updated: 2024-08-06T12:40:19.262Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2895 |
vulnerable | 2026-06-08 04:58:09.433860 |
Details available
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
Published: 2011-08-19T17:00:00.000Z
Updated: 2024-08-06T23:15:31.486Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2168 |
vulnerable | 2026-06-08 04:58:04.431891 |
Details available
Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than CVE-2011-0418.
Published: 2011-05-24T23:00:00.000Z
Updated: 2024-08-06T22:53:16.829Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2009-0537 |
vulnerable | 2026-06-08 04:51:09.886231 |
Details available
Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as demonstrated by (a) du, (b) rm, (c) chmod, and (d) chgrp on OpenBSD; and (e) SearchIndexer.exe on Vista Enterprise.
Published: 2009-03-09T21:00:00.000Z
Updated: 2024-08-07T04:40:03.697Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-4609 |
vulnerable | 2026-06-08 04:50:47.232809 |
Details available
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
Published: 2008-10-20T17:00:00.000Z
Updated: 2024-08-07T10:24:20.677Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-1148 |
not_vulnerable | 2026-06-08 04:50:19.161446 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-1147 |
not_vulnerable | 2026-06-08 04:50:19.156587 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-1146 |
not_vulnerable | 2026-06-08 04:50:19.146537 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-0960 |
vulnerable | 2026-06-08 04:48:14.044715 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-0740 |
vulnerable | 2026-06-08 04:48:13.502917 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-0637 |
vulnerable | 2026-06-08 04:48:13.216470 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-0356 |
vulnerable | 2026-06-08 04:48:12.409544 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-2230 |
vulnerable | 2026-06-08 04:48:08.948868 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.