netbsd netbsd vulnerabilities and exploits
9.8
CVSSv3
CVE-2017-1000374
A flaw exists in NetBSD's implementation of the stack guard page that allows malicious users to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier versions.
Netbsd Netbsd
9.8
CVSSv3
CVE-2017-1000375
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled. This allows malicious users to more easily manipulate memory, leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions.
Netbsd Netbsd
1 EDB exploit
9.8
CVSSv3
CVE-2017-1000378
The NetBSD qsort() function is recursive and not randomized; an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows malicious users to consume arbitrary amounts of stack memory and manipulate sta...
Netbsd Netbsd
9.8
CVSSv3
CVE-2017-8283
dpkg-source in dpkg 1.3.0 up to and including 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote malicious users to conduct directory traversal attacks via a crafted Debian source package, as...
Debian Dpkg 1.18.19
Debian Dpkg 1.18.17
Debian Dpkg 1.18.12
Debian Dpkg 1.18.10
Debian Dpkg 1.18.3
Debian Dpkg 1.18.1
Debian Dpkg 1.17.18
Debian Dpkg 1.17.16
Debian Dpkg 1.17.11
Debian Dpkg 1.17.9
Debian Dpkg 1.17.2
Debian Dpkg 1.17.0
Debian Dpkg 1.16.4.3
Debian Dpkg 1.16.4.1
Debian Dpkg 1.16.1.1
Debian Dpkg 1.16.0.3
Debian Dpkg 1.15.8.7
Debian Dpkg 1.15.8.5
Debian Dpkg 1.15.7.1
Debian Dpkg 1.15.6.1
Debian Dpkg 1.15.5.3
Debian Dpkg 1.15.5.1
9.8
CVSSv3
CVE-2015-8212
CGI handling flaw in bozohttpd in NetBSD 6.0 up to and including 6.0.6, 6.1 up to and including 6.1.5, and 7.0 allows remote malicious users to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program.
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 7.0
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.0.3
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.1.3
Netbsd Netbsd 6.1.5
Netbsd Netbsd 6.0.2
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.1.4
9.8
CVSSv3
CVE-2003-0466
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow malicious users to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 up to and including 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buff...
Wuftpd Wu-ftpd
Redhat Wu Ftpd 2.6.1-16
Apple Mac Os X Server 10.2.6
Apple Mac Os X 10.2.6
Sun Solaris 9.0
Freebsd Freebsd
Netbsd Netbsd
Openbsd Openbsd
5 EDB exploits
8.8
CVSSv3
CVE-2020-29569
An issue exists in the Linux kernel up to and including 5.10.1, as used with Xen up to and including 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the fr...
Xen Xen
Linux Linux Kernel
Netapp Hci Compute Node Bios -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire & Hci Storage Node -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2019-15901
An issue exists in slicer69 doas prior to 6.2 on certain platforms other than OpenBSD. A setusercontext(3) call with flags to change the UID, primary GID, and secondary GIDs was replaced (on certain platforms: Linux and possibly NetBSD) with a single setuid(2) call. This resulted...
Doas Project Doas
8.1
CVSSv3
CVE-2020-28374
In drivers/target/target_core_xcopy.c in the Linux kernel prior to 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote malicious users to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an ...
Linux Linux Kernel
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.8
CVSSv3
CVE-2020-27815
A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, int...
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp Aff A250 Firmware -
Netapp Fas500f Firmware -