Known Vulnerabilities for products from Netbsd
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Netbsd".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-26139 | An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though ... | 5.3 - MEDIUM | 2021-05-11 | 2022-09-30 |
| CVE-2017-1000378 | The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N eleme... | 9.8 - CRITICAL | 2017-06-19 | 2019-10-03 |
| CVE-2017-1000375 | NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to... | 9.8 - CRITICAL | 2017-06-19 | 2017-08-12 |
| CVE-2017-1000374 | A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary co... | 9.8 - CRITICAL | 2017-06-19 | 2019-10-03 |
| CVE-2016-6253 | mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or appe... | 7.8 - HIGH | 2017-01-20 | 2017-01-20 |
| CVE-2015-8212 | CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arb... | 9.8 - CRITICAL | 2017-01-19 | 2017-01-20 |
| CVE-2015-5917 | The glob implementation in tnftpd (formerly lukemftpd), as used in Apple OS X before 10.11, allows remote attackers to cause ... | 5 - MEDIUM | 2015-10-09 | 2016-12-08 |
| CVE-2014-8517 | The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6... | 7.5 - HIGH | 2014-11-17 | 2017-11-06 |
| CVE-2014-7250 | The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly imple... | 5 - MEDIUM | 2014-12-12 | 2014-12-12 |
| CVE-2014-5384 | The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause ... | 5 - MEDIUM | 2014-08-21 | 2014-08-21 |
| CVE-2014-5015 | bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions,... | 5 - MEDIUM | 2014-07-24 | 2017-08-29 |
| CVE-2014-3951 | The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a ... | 5 - MEDIUM | 2014-08-21 | 2014-08-21 |
| CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it... | 3.4 - LOW | 2014-10-15 | 2023-09-12 |
| CVE-2012-5365 | The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a de... | 7.5 - HIGH | 2020-02-20 | 2020-02-25 |
| CVE-2012-5363 | The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a de... | 7.5 - HIGH | 2020-02-20 | 2020-02-28 |
| CVE-2012-0217 | The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other... | 7.2 - HIGH | 2012-06-12 | 2020-09-28 |
| CVE-2011-2895 | The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) co... | 9.3 - HIGH | 2011-08-19 | 2017-08-29 |
| CVE-2011-2480 | Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86... | 7.5 - HIGH | 2019-11-27 | 2019-12-10 |
| CVE-2011-2393 | The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operat... | 7.8 - HIGH | 2012-02-02 | 2012-02-03 |
| CVE-2011-1920 | The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbi... | 3.3 - LOW | 2011-05-23 | 2017-08-17 |