Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netbsd netbsd vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-1000374
A flaw exists in NetBSD's implementation of the stack guard page that allows malicious users to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier versions.
Netbsd Netbsd
7.5
CVSSv2
CVE-2017-1000375
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows malicious users to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions.
Netbsd Netbsd
1 EDB exploit
7.5
CVSSv2
CVE-2017-1000378
The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows malicious users to consume arbitrary amounts of stack memory and manipulate sta...
Netbsd Netbsd
4.6
CVSSv2
CVE-2016-4973
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
Gnu Libssp -
7.5
CVSSv2
CVE-2017-8283
dpkg-source in dpkg 1.3.0 up to and including 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote malicious users to conduct directory traversal attacks via a crafted Debian source package, as...
Debian Dpkg 1.18.19
Debian Dpkg 1.18.17
Debian Dpkg 1.18.12
Debian Dpkg 1.18.10
Debian Dpkg 1.18.3
Debian Dpkg 1.18.1
Debian Dpkg 1.17.18
Debian Dpkg 1.17.16
Debian Dpkg 1.17.11
Debian Dpkg 1.17.9
Debian Dpkg 1.17.2
Debian Dpkg 1.17.0
Debian Dpkg 1.16.4.3
Debian Dpkg 1.16.4.1
Debian Dpkg 1.16.1.1
Debian Dpkg 1.16.0.3
Debian Dpkg 1.15.8.7
Debian Dpkg 1.15.8.5
Debian Dpkg 1.15.7.1
Debian Dpkg 1.15.6.1
Debian Dpkg 1.15.5.3
Debian Dpkg 1.15.5.1
7.2
CVSSv2
CVE-2016-6253
mail.local in NetBSD versions 6.0 up to and including 6.0.6, 6.1 up to and including 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox.
Netbsd Netbsd 6.1.3
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 6.0.2
Netbsd Netbsd 6.0.3
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1.4
Netbsd Netbsd 7.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.1
Netbsd Netbsd 6.1.5
2 EDB exploits
7.5
CVSSv2
CVE-2015-8212
CGI handling flaw in bozohttpd in NetBSD 6.0 up to and including 6.0.6, 6.1 up to and including 6.1.5, and 7.0 allows remote malicious users to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program.
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 7.0
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.0.3
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.1.3
Netbsd Netbsd 6.1.5
Netbsd Netbsd 6.0.2
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.1.4
5
CVSSv2
CVE-2015-5917
The glob implementation in tnftpd (formerly lukemftpd), as used in Apple OS X prior to 10.11, allows remote malicious users to cause a denial of service (memory consumption and daemon outage) via a STAT command containing a crafted pattern, as demonstrated by multiple instances o...
Netbsd Tnftpd
7.5
CVSSv2
CVE-2015-2331
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and previous versions, as used in the ZIP extension in PHP prior to 5.4.39, 5.5.x prior to 5.5.23, and 5.6.x prior to 5.6.7 and other products, allows remote malicious users to cause a denial of servi...
Nih Libzip
Php Php 5.6.1
Php Php 5.5.0
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.5.19
Php Php 5.5.16
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.6.4
Php Php 5.5.21
Php Php 5.6.6
Php Php 5.5.17
Php Php 5.5.14
Php Php 5.5.7
Php Php 5.6.2
Php Php 5.5.12
Php Php
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.8
Php Php 5.5.15
5
CVSSv2
CVE-2014-7250
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote malicious users to cause a denial of service (resource consumption) via crafted packets.
Openbsd Openbsd 3.6
Netbsd Netbsd 2.0
Freebsd Freebsd 5.4
Bsd Bsd 4.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »