Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netbsd netbsd vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2017-1000378
The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows malicious users to consume arbitrary amounts of stack memory and manipulate sta...
Netbsd Netbsd
409
VMScore
CVE-2016-4973
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
Gnu Libssp -
668
VMScore
CVE-2017-8283
dpkg-source in dpkg 1.3.0 up to and including 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote malicious users to conduct directory traversal attacks via a crafted Debian source package, as...
Debian Dpkg 1.18.19
Debian Dpkg 1.18.17
Debian Dpkg 1.18.12
Debian Dpkg 1.18.10
Debian Dpkg 1.18.3
Debian Dpkg 1.18.1
Debian Dpkg 1.17.18
Debian Dpkg 1.17.16
Debian Dpkg 1.17.11
Debian Dpkg 1.17.9
Debian Dpkg 1.17.2
Debian Dpkg 1.17.0
Debian Dpkg 1.16.4.3
Debian Dpkg 1.16.4.1
Debian Dpkg 1.16.1.1
Debian Dpkg 1.16.0.3
Debian Dpkg 1.15.8.7
Debian Dpkg 1.15.8.5
Debian Dpkg 1.15.7.1
Debian Dpkg 1.15.6.1
Debian Dpkg 1.15.5.3
Debian Dpkg 1.15.5.1
730
VMScore
CVE-2016-6253
mail.local in NetBSD versions 6.0 up to and including 6.0.6, 6.1 up to and including 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox.
Netbsd Netbsd 6.1.3
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 6.0.2
Netbsd Netbsd 6.0.3
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1.4
Netbsd Netbsd 7.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.1
Netbsd Netbsd 6.1.5
2 EDB exploits
668
VMScore
CVE-2015-8212
CGI handling flaw in bozohttpd in NetBSD 6.0 up to and including 6.0.6, 6.1 up to and including 6.1.5, and 7.0 allows remote malicious users to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program.
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 7.0
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.0.3
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.1.3
Netbsd Netbsd 6.1.5
Netbsd Netbsd 6.0.2
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.1.4
445
VMScore
CVE-2015-5917
The glob implementation in tnftpd (formerly lukemftpd), as used in Apple OS X prior to 10.11, allows remote malicious users to cause a denial of service (memory consumption and daemon outage) via a STAT command containing a crafted pattern, as demonstrated by multiple instances o...
Netbsd Tnftpd
668
VMScore
CVE-2015-2331
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and previous versions, as used in the ZIP extension in PHP prior to 5.4.39, 5.5.x prior to 5.5.23, and 5.6.x prior to 5.6.7 and other products, allows remote malicious users to cause a denial of servi...
Nih Libzip
Php Php 5.6.1
Php Php 5.5.0
Php Php 5.6.0
Php Php 5.6.5
Php Php 5.5.19
Php Php 5.5.16
Php Php 5.5.1
Php Php 5.5.5
Php Php 5.6.4
Php Php 5.5.21
Php Php 5.6.6
Php Php 5.5.17
Php Php 5.5.14
Php Php 5.5.7
Php Php 5.6.2
Php Php 5.5.12
Php Php
Php Php 5.5.6
Php Php 5.5.3
Php Php 5.5.8
Php Php 5.5.15
445
VMScore
CVE-2014-7250
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote malicious users to cause a denial of service (resource consumption) via crafted packets.
Openbsd Openbsd 3.6
Netbsd Netbsd 2.0
Freebsd Freebsd 5.4
Bsd Bsd 4.3
760
VMScore
CVE-2014-8517
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 up to and including 5.1.4, 5.2 up to and including 5.2.2, 6.0 up to and including 6.0.6, and 6.1 up to and including 6.1.5 allows remote malicious users to execute arbitrary commands via a | (pipe) char...
Apple Mac Os X 10.10.1
Apple Mac Os X 10.10.0
Apple Mac Os X 10.9.5
Apple Mac Os X 10.8.5
Netbsd Netbsd 5.1.3
Netbsd Netbsd 5.1.4
Netbsd Netbsd 5.2
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.1.5
Netbsd Netbsd 5.1
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 5.2.1
Netbsd Netbsd 5.2.2
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1
Netbsd Netbsd 5.1.1
Netbsd Netbsd 5.1.2
Netbsd Netbsd 6.0.2
2 EDB exploits
1 Github repository
1 Article
445
VMScore
CVE-2014-3951
The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent malicious users to cause a denial of service (NULL pointer dereference) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT per ADT2 due to different ...
Netbsd Netbsd
Freebsd Freebsd 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »