Vulnerabilities (CVE)

Filtered by vendor Netbsd Subscribe
Filtered by product Netbsd
Total 175 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-45484 1 Netbsd 1 Netbsd 2022-01-10 5.0 MEDIUM 7.5 HIGH
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
CVE-2021-45487 1 Netbsd 1 Netbsd 2022-01-10 5.0 MEDIUM 7.5 HIGH
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
CVE-2021-45488 1 Netbsd 1 Netbsd 2022-01-10 5.0 MEDIUM 7.5 HIGH
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
CVE-2021-45489 1 Netbsd 1 Netbsd 2022-01-10 5.0 MEDIUM 7.5 HIGH
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.
CVE-2014-3566 11 Apple, Debian, Fedoraproject and 8 more 20 Mac Os X, Debian Linux, Fedora and 17 more 2021-11-17 4.3 MEDIUM 3.4 LOW
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
CVE-2020-26139 1 Netbsd 1 Netbsd 2021-10-28 2.9 LOW 5.3 MEDIUM
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
CVE-2008-4609 11 Bsd, Bsdi, Cisco and 8 more 27 Bsd, Bsd Os, Ios and 24 more 2021-07-07 7.1 HIGH N/A
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
CVE-2011-0419 7 Apache, Apple, Freebsd and 4 more 8 Http Server, Portable Runtime, Mac Os X and 5 more 2021-06-06 4.3 MEDIUM N/A
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
CVE-2012-0217 8 Citrix, Freebsd, Illumos and 5 more 11 Xenserver, Freebsd, Illumos and 8 more 2020-09-28 7.2 HIGH N/A
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
CVE-2012-5363 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2020-02-28 7.8 HIGH 7.5 HIGH
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393.
CVE-2012-5365 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2020-02-25 7.8 HIGH 7.5 HIGH
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
CVE-2001-0247 5 Freebsd, Mit, Netbsd and 2 more 5 Freebsd, Kerberos 5, Netbsd and 2 more 2020-01-21 10.0 HIGH N/A
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
CVE-2001-0554 8 Freebsd, Ibm, Mit and 5 more 10 Freebsd, Aix, Kerberos and 7 more 2020-01-21 10.0 HIGH N/A
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
CVE-2011-2480 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2019-12-10 5.0 MEDIUM 7.5 HIGH
Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information.
CVE-2017-1000378 1 Netbsd 1 Netbsd 2019-10-03 7.5 HIGH 9.8 CRITICAL
The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions.
CVE-2017-1000374 1 Netbsd 1 Netbsd 2019-10-03 7.5 HIGH 9.8 CRITICAL
A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier versions.
CVE-2003-0001 4 Freebsd, Linux, Microsoft and 1 more 5 Freebsd, Linux Kernel, Windows 2000 and 2 more 2019-04-30 5.0 MEDIUM N/A
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
CVE-2009-0689 5 Freebsd, K-meleon Project, Mozilla and 2 more 6 Freebsd, K-meleon, Firefox and 3 more 2018-11-02 6.8 MEDIUM N/A
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
CVE-2002-1337 7 Gentoo, Hp, Netbsd and 4 more 12 Linux, Alphaserver Sc, Hp-ux and 9 more 2018-10-30 10.0 HIGH N/A
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
CVE-1999-0046 10 Bsdi, Data General, Debian and 7 more 12 Bsd Os, Dg Ux, Debian Linux and 9 more 2018-10-30 10.0 HIGH N/A
Buffer overflow of rlogin program using TERM environmental variable.