Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netbsd vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-1000375
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows malicious users to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions.
Netbsd Netbsd
1 EDB exploit
4.6
CVSSv2
CVE-2016-4973
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
Gnu Libssp -
7.5
CVSSv2
CVE-2017-8283
dpkg-source in dpkg 1.3.0 up to and including 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote malicious users to conduct directory traversal attacks via a crafted Debian source package, as...
Debian Dpkg 1.18.19
Debian Dpkg 1.18.17
Debian Dpkg 1.18.12
Debian Dpkg 1.18.10
Debian Dpkg 1.18.3
Debian Dpkg 1.18.1
Debian Dpkg 1.17.18
Debian Dpkg 1.17.16
Debian Dpkg 1.17.11
Debian Dpkg 1.17.9
Debian Dpkg 1.17.2
Debian Dpkg 1.17.0
Debian Dpkg 1.16.4.3
Debian Dpkg 1.16.4.1
Debian Dpkg 1.16.1.1
Debian Dpkg 1.16.0.3
Debian Dpkg 1.15.8.7
Debian Dpkg 1.15.8.5
Debian Dpkg 1.15.7.1
Debian Dpkg 1.15.6.1
Debian Dpkg 1.15.5.3
Debian Dpkg 1.15.5.1
7.2
CVSSv2
CVE-2016-6253
mail.local in NetBSD versions 6.0 up to and including 6.0.6, 6.1 up to and including 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox.
Netbsd Netbsd 6.1.3
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 6.0.2
Netbsd Netbsd 6.0.3
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1.4
Netbsd Netbsd 7.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.1
Netbsd Netbsd 6.1.5
2 EDB exploits
7.5
CVSSv2
CVE-2015-8212
CGI handling flaw in bozohttpd in NetBSD 6.0 up to and including 6.0.6, 6.1 up to and including 6.1.5, and 7.0 allows remote malicious users to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program.
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 7.0
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.0.3
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.1.3
Netbsd Netbsd 6.1.5
Netbsd Netbsd 6.0.2
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.1.4
5
CVSSv2
CVE-2015-5917
The glob implementation in tnftpd (formerly lukemftpd), as used in Apple OS X prior to 10.11, allows remote malicious users to cause a denial of service (memory consumption and daemon outage) via a STAT command containing a crafted pattern, as demonstrated by multiple instances o...
Netbsd Tnftpd
7.5
CVSSv2
CVE-2015-2331
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and previous versions, as used in the ZIP extension in PHP prior to 5.4.39, 5.5.x prior to 5.5.23, and 5.6.x prior to 5.6.7 and other products, allows remote malicious users to cause a denial of servi...
Nih Libzip
Php Php 5.6.1
Php Php 5.5.0
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.5.19
Php Php 5.5.16
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.6.4
Php Php 5.5.21
Php Php 5.6.6
Php Php 5.5.17
Php Php 5.5.14
Php Php 5.5.7
Php Php 5.6.2
Php Php 5.5.12
Php Php
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.8
Php Php 5.5.15
5
CVSSv2
CVE-2014-7250
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote malicious users to cause a denial of service (resource consumption) via crafted packets.
Openbsd Openbsd 3.6
Netbsd Netbsd 2.0
Freebsd Freebsd 5.4
Bsd Bsd 4.3
7.5
CVSSv2
CVE-2014-8517
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 up to and including 5.1.4, 5.2 up to and including 5.2.2, 6.0 up to and including 6.0.6, and 6.1 up to and including 6.1.5 allows remote malicious users to execute arbitrary commands via a | (pipe) char...
Apple Mac Os X 10.10.1
Apple Mac Os X 10.10.0
Apple Mac Os X 10.9.5
Apple Mac Os X 10.8.5
Netbsd Netbsd 5.1.3
Netbsd Netbsd 5.1.4
Netbsd Netbsd 5.2
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.1.5
Netbsd Netbsd 5.1
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 5.2.1
Netbsd Netbsd 5.2.2
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1
Netbsd Netbsd 5.1.1
Netbsd Netbsd 5.1.2
Netbsd Netbsd 6.0.2
2 EDB exploits
1 Github repository
1 Article
5
CVSSv2
CVE-2014-5384
The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent malicious users to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per...
Netbsd Netbsd
Freebsd Freebsd 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »