NetBSD
by NetBSD
Source repositories
CVEs (176)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0074 | 0.01 | — | 0.08 | Jul 1, 1997 | Listening TCP ports are sequentially allocated, allowing spoofing attacks. | |||
| CVE-2021-45484 | 0.00 | — | 0.01 | Dec 25, 2021 | In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG. | |||
| CVE-2021-45487 | 0.00 | — | 0.01 | Dec 25, 2021 | In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures. | |||
| CVE-2021-45488 | 0.00 | — | 0.01 | Dec 25, 2021 | In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm. | |||
| CVE-2021-45489 | 0.00 | — | 0.01 | Dec 25, 2021 | In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. | |||
| CVE-2012-5365 | 0.00 | — | 0.03 | Feb 20, 2020 | The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. | |||
| CVE-2011-2480 | 0.00 | — | 0.02 | Nov 27, 2019 | Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of… | |||
| CVE-2014-7250 | 0.00 | — | 0.05 | Dec 12, 2014 | The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets. | |||
| CVE-2014-5384 | 0.00 | — | 0.02 | Aug 21, 2014 | The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per… | |||
| CVE-2014-3951 | 0.00 | — | 0.02 | Aug 21, 2014 | The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT per ADT2 due to different… | |||
| CVE-2014-5015 | 0.00 | — | 0.02 | Jul 24, 2014 | bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme and access restrictions via a long path. | |||
| CVE-2007-6754 | 0.00 | — | 0.01 | Jul 25, 2012 | The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not properly allocate memory, which makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, related to… | |||
| CVE-2006-7252 | 0.00 | — | 0.01 | Jul 25, 2012 | Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which triggers a memory allocation of… | |||
| CVE-2011-2393 | 0.00 | — | 0.02 | Feb 2, 2012 | The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operating systems allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with… | |||
| CVE-2011-1920 | 0.00 | — | 0.00 | May 23, 2011 | The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk. | |||
| CVE-2010-4754 | 0.00 | — | 0.01 | Mar 2, 2011 | The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any… | |||
| CVE-2010-2530 | 0.00 | — | 0.00 | Sep 29, 2010 | Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1)… | |||
| CVE-2010-3014 | 0.00 | — | 0.00 | Aug 20, 2010 | The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read. | |||
| CVE-2010-0561 | 0.00 | — | 0.00 | Feb 8, 2010 | Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service (kernel panic) via a negative mixer index number being passed to (1) the azalia_query_devinfo function in the azalia audio driver… | |||
| CVE-2009-2483 | 0.00 | — | 0.00 | Jul 16, 2009 | libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) containing an undefined element. |
- CVE-1999-0074Jul 1, 1997risk 0.01cvss —epss 0.08
Listening TCP ports are sequentially allocated, allowing spoofing attacks.
- CVE-2021-45484Dec 25, 2021risk 0.00cvss —epss 0.01
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
- CVE-2021-45487Dec 25, 2021risk 0.00cvss —epss 0.01
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
- CVE-2021-45488Dec 25, 2021risk 0.00cvss —epss 0.01
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
- CVE-2021-45489Dec 25, 2021risk 0.00cvss —epss 0.01
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.
- CVE-2012-5365Feb 20, 2020risk 0.00cvss —epss 0.03
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
- CVE-2011-2480Nov 27, 2019risk 0.00cvss —epss 0.02
Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of…
- CVE-2014-7250Dec 12, 2014risk 0.00cvss —epss 0.05
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets.
- CVE-2014-5384Aug 21, 2014risk 0.00cvss —epss 0.02
The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per…
- CVE-2014-3951Aug 21, 2014risk 0.00cvss —epss 0.02
The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT per ADT2 due to different…
- CVE-2014-5015Jul 24, 2014risk 0.00cvss —epss 0.02
bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme and access restrictions via a long path.
- CVE-2007-6754Jul 25, 2012risk 0.00cvss —epss 0.01
The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not properly allocate memory, which makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, related to…
- CVE-2006-7252Jul 25, 2012risk 0.00cvss —epss 0.01
Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which triggers a memory allocation of…
- CVE-2011-2393Feb 2, 2012risk 0.00cvss —epss 0.02
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operating systems allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with…
- CVE-2011-1920May 23, 2011risk 0.00cvss —epss 0.00
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk.
- CVE-2010-4754Mar 2, 2011risk 0.00cvss —epss 0.01
The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any…
- CVE-2010-2530Sep 29, 2010risk 0.00cvss —epss 0.00
Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1)…
- CVE-2010-3014Aug 20, 2010risk 0.00cvss —epss 0.00
The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users to read sensitive heap memory via a large out_size value in a ViceIoctl struct to a Coda ioctl, which triggers a buffer over-read.
- CVE-2010-0561Feb 8, 2010risk 0.00cvss —epss 0.00
Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service (kernel panic) via a negative mixer index number being passed to (1) the azalia_query_devinfo function in the azalia audio driver…
- CVE-2009-2483Jul 16, 2009risk 0.00cvss —epss 0.00
libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) containing an undefined element.
Page 4 of 9