Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netbsd vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1587
NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file.
Netbsd Netbsd 1.6.2
Netbsd Netbsd 1.6
Netbsd Netbsd 2.0.2
Netbsd Netbsd 2.0.3
Netbsd Netbsd 1.6.1
Netbsd Netbsd 2.1
Netbsd Netbsd 3.0
Netbsd Netbsd 2.0
Netbsd Netbsd 2.0.1
NA
CVE-2006-1588
The bridge ioctl (if_bridge code) in NetBSD 1.6 up to and including 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory.
Netbsd Netbsd 1.6
Netbsd Netbsd 2.1
Netbsd Netbsd 3.0
Netbsd Netbsd 2.0
Netbsd Netbsd 2.0.1
Netbsd Netbsd 2.0.2
Netbsd Netbsd 2.0.3
Netbsd Netbsd 1.6.1
Netbsd Netbsd 1.6.2
NA
CVE-2006-1797
The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference.
Netbsd Netbsd 2.0.1
Netbsd Netbsd 2.0.2
Netbsd Netbsd 1.6
Netbsd Netbsd 2.0.3
Netbsd Netbsd 2.1
Netbsd Netbsd 2.0
Netbsd Netbsd 1.6.1
Netbsd Netbsd 1.6.2
Netbsd Netbsd 3.0
NA
CVE-2006-1814
NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory.
Netbsd Netbsd 1.6.2
Netbsd Netbsd 1.6
Netbsd Netbsd 1.6.1
Netbsd Netbsd 2.1
Netbsd Netbsd 3.0
Netbsd Netbsd 2.0.2
Netbsd Netbsd 2.0.3
Netbsd Netbsd 2.0
Netbsd Netbsd 2.0.1
NA
CVE-2002-1500
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x up to and including 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked ...
Netbsd Netbsd 1.4.1
Netbsd Netbsd 1.5.3
Netbsd Netbsd 1.5
Netbsd Netbsd 1.4
Netbsd Netbsd 1.4.2
Netbsd Netbsd 1.5.1
Netbsd Netbsd 1.4.3
Netbsd Netbsd 1.5.2
NA
CVE-2006-0145
The kernfs_xread function in kernfs in NetBSD 1.6 up to and including 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges vi...
Netbsd Netbsd 2.0.2
Netbsd Netbsd 2.0.3
Netbsd Netbsd 1.6
Netbsd Netbsd 1.6.1
Netbsd Netbsd 2.1
Netbsd Netbsd 2.0
Netbsd Netbsd 2.0.1
Netbsd Netbsd 1.6.2
NA
CVE-2005-4741
NetBSD 1.6, NetBSD 2.0 up to and including 2.1, and NetBSD-current prior to 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials.
Netbsd Netbsd 2.0
Netbsd Netbsd 2.0.1
Netbsd Netbsd 2.0.2
Netbsd Netbsd 2.0.3
Netbsd Netbsd 1.6
Netbsd Netbsd 1.6.2
Netbsd Netbsd 2.1
Netbsd Netbsd 1.6.1
NA
CVE-2014-8517
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 up to and including 5.1.4, 5.2 up to and including 5.2.2, 6.0 up to and including 6.0.6, and 6.1 up to and including 6.1.5 allows remote malicious users to execute arbitrary commands via a | (pipe) char...
Apple Mac Os X 10.10.1
Apple Mac Os X 10.10.0
Apple Mac Os X 10.9.5
Apple Mac Os X 10.8.5
Netbsd Netbsd 5.1.3
Netbsd Netbsd 5.1.4
Netbsd Netbsd 5.2
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.1.5
Netbsd Netbsd 5.1
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 5.2.1
Netbsd Netbsd 5.2.2
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1
Netbsd Netbsd 5.1.1
Netbsd Netbsd 5.1.2
Netbsd Netbsd 6.0.2
2 EDB exploits
1 Github repository
1 Article
NA
CVE-2004-1323
Multiple syscalls in the compat subsystem for NetBSD prior to 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions.
Netbsd Netbsd 1.5.3
Netbsd Netbsd 1.6
Netbsd Netbsd 1.5.1
Netbsd Netbsd 1.5.2
Netbsd Netbsd 1.5
Netbsd Netbsd 1.6.1
Netbsd Netbsd 1.6.2
NA
CVE-2001-1091
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x up to and including 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
Netbsd Netbsd 1.4
Netbsd Netbsd 1.4.1
Netbsd Netbsd 1.5
Netbsd Netbsd 1.5.1
Netbsd Netbsd 1.4.2
Netbsd Netbsd 1.4.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »