Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Netbsd Subscribe
Total 178 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-3566 11 Apple, Debian, Fedoraproject and 8 more 20 Mac Os X, Debian Linux, Fedora and 17 more 2023-02-12 4.3 MEDIUM 3.4 LOW
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
CVE-2008-4609 12 Bsd, Bsdi, Cisco and 9 more 22 Bsd, Bsd Os, Catalyst Blade Switch 3020 and 19 more 2022-12-14 7.1 HIGH N/A
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
CVE-2020-26139 5 Arista, Cisco, Debian and 2 more 330 C-100, C-100 Firmware, C-110 and 327 more 2022-09-29 2.9 LOW 5.3 MEDIUM
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
CVE-2011-0419 9 Apache, Apple, Debian and 6 more 10 Http Server, Portable Runtime, Mac Os X and 7 more 2022-09-19 4.3 MEDIUM N/A
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
CVE-1999-0303 4 Digital, Netbsd, Openbsd and 1 more 5 Osf 1, Netbsd, Openbsd and 2 more 2022-08-17 4.6 MEDIUM N/A
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
CVE-1999-0433 5 Netbsd, Redhat, Slackware and 2 more 5 Netbsd, Linux, Slackware Linux and 2 more 2022-08-17 4.6 MEDIUM N/A
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
CVE-1999-0422 1 Netbsd 1 Netbsd 2022-08-17 4.6 MEDIUM N/A
In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.
CVE-1999-0297 5 Bsdi, Freebsd, Netbsd and 2 more 5 Bsd Os, Freebsd, Netbsd and 2 more 2022-08-17 7.2 HIGH N/A
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
CVE-1999-0420 1 Netbsd 1 Umapfs 2022-08-17 7.2 HIGH N/A
umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program.
CVE-1999-0304 4 Bsdi, Freebsd, Netbsd and 1 more 4 Bsd Os, Freebsd, Netbsd and 1 more 2022-08-17 7.2 HIGH N/A
mmap function in BSD allows local attackers in the kmem group to modify memory through devices.
CVE-1999-0396 2 Netbsd, Openbsd 2 Netbsd, Openbsd 2022-08-17 2.6 LOW N/A
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.
CVE-1999-0628 4 Freebsd, Ibm, Linux and 1 more 4 Freebsd, Aix, Linux Kernel and 1 more 2022-08-17 5.0 MEDIUM N/A
The rwho/rwhod service is running, which exposes machine status and user information.
CVE-1999-0513 7 Digital, Freebsd, Hp and 4 more 8 Unix, Freebsd, Hp-ux and 5 more 2022-08-17 5.0 MEDIUM N/A
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
CVE-1999-0017 9 Caldera, Freebsd, Gnu and 6 more 11 Openlinux, Freebsd, Inet and 8 more 2022-08-17 7.5 HIGH N/A
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVE-1999-0046 10 Bsdi, Data General, Debian and 7 more 12 Bsd Os, Dg Ux, Debian Linux and 9 more 2022-08-17 10.0 HIGH N/A
Buffer overflow of rlogin program using TERM environmental variable.
CVE-1999-0074 4 Freebsd, Linux, Microsoft and 1 more 4 Freebsd, Linux Kernel, Windows Nt and 1 more 2022-08-16 6.4 MEDIUM N/A
Listening TCP ports are sequentially allocated, allowing spoofing attacks.
CVE-2001-0554 9 Debian, Freebsd, Ibm and 6 more 11 Debian Linux, Freebsd, Aix and 8 more 2022-01-21 10.0 HIGH N/A
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
CVE-2021-45484 1 Netbsd 1 Netbsd 2022-01-10 5.0 MEDIUM 7.5 HIGH
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
CVE-2021-45487 1 Netbsd 1 Netbsd 2022-01-10 5.0 MEDIUM 7.5 HIGH
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
CVE-2021-45488 1 Netbsd 1 Netbsd 2022-01-10 5.0 MEDIUM 7.5 HIGH
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.