GCVE - cpe:2.3:o:openbsd:openbsd:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:openbsd:openbsd:-:*:*:*:*:*:*:*

part: o version: - update: *

Vendor	Openbsd (`932cdfc2-94b9-5fb6-8ef3-d0b271f414b5`)
Product	Openbsd (`53340739-b0b7-5bcf-88ee-45d5aaf96683`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/openbsd/src`	purl2cpe	2026-06-01 10:17:38.225307
`pkg:openbsd/openbsd`	purl2cpe	2026-06-01 10:17:38.225308

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2019-6724`	not_vulnerable	2026-06-08 05:14:13.026876	Details available The barracudavpn component of the Barracuda VPN Client prior to version 5.0.2.7 for Linux, macOS, and OpenBSD runs as a privileged process and can allow an unprivileged local attacker to load a malicious library, resulting in arbitrary code executing as root. Published: 2019-03-18T19:12:25.000Z Updated: 2024-08-04T20:31:04.109Z Open on db.gcve.eu Reference links https://campus.barracuda.com/product/networkaccessclient/doc/78154149/release-notes-barracuda-vpn-client-for-linux/ http://campus.barracuda.com/product/networkaccessclient/doc/78154147/release-notes-barracuda-vpn-client-for-macos/ https://blog.mirch.io/2019/02/14/cve-2019-6724-barracuda-vpn-client-privilege-escalation-on-linux-and-macos/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-14899`	vulnerable	2026-06-08 05:12:56.383190	Details available HIGH (7.4) A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel. Published: 2019-12-11T14:45:12.000Z Updated: 2024-08-05T00:26:39.138Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14899 https://openvpn.net/security-advisory/no-flaws-found-in-openvpn-software/ https://support.apple.com/kb/HT211288 https://support.apple.com/kb/HT211290 https://support.apple.com/kb/HT211289	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-1577`	vulnerable	2026-06-08 05:00:49.569058	Details available lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0. Published: 2019-12-10T18:45:07.000Z Updated: 2024-08-06T19:01:02.509Z Open on db.gcve.eu Reference links https://security-tracker.debian.org/tracker/CVE-2012-1577 http://www.openwall.com/lists/oss-security/2012/03/23/14 http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/stdlib/random.c#rev1.16 https://github.com/ensc/dietlibc/blob/master/CHANGES	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-4609`	vulnerable	2026-06-08 04:50:47.224279	Details available The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. Published: 2008-10-20T17:00:00.000Z Updated: 2024-08-07T10:24:20.677Z Open on db.gcve.eu Reference links http://blog.robertlee.name/2008/10/conjecture-speculation.html https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html http://marc.info/?l=bugtraq&m=125856010926699&w=2 http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html http://insecure.org/stf/tcp-dos-attack-explained.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.