Total
176 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1165 | 2 Netbsd, Sendmail | 2 Netbsd, Sendmail | 2025-04-03 | 4.6 MEDIUM | N/A |
| Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. | |||||
| CVE-2001-0993 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 2.1 LOW | N/A |
| sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length. | |||||
| CVE-1999-1518 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults. | |||||
| CVE-2006-1814 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 2.1 LOW | N/A |
| NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory. | |||||
| CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Teardrop IP denial of service. | |||||
| CVE-1999-0513 | 7 Digital, Freebsd, Hp and 4 more | 8 Unix, Freebsd, Hp-ux and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. | |||||
| CVE-1999-1214 | 5 Bsd, Freebsd, Netbsd and 2 more | 5 Bsd, Freebsd, Netbsd and 2 more | 2025-04-03 | 2.1 LOW | N/A |
| The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. | |||||
| CVE-2004-1374 | 1 Netbsd | 1 Netbsd | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges. | |||||
| CVE-2021-45489 | 1 Netbsd | 1 Netbsd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. | |||||
| CVE-2021-45488 | 1 Netbsd | 1 Netbsd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm. | |||||
| CVE-2021-45487 | 1 Netbsd | 1 Netbsd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures. | |||||
| CVE-2021-45484 | 1 Netbsd | 1 Netbsd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG. | |||||
| CVE-2020-26139 | 5 Arista, Cisco, Debian and 2 more | 330 C-100, C-100 Firmware, C-110 and 327 more | 2024-11-21 | 2.9 LOW | 5.3 MEDIUM |
| An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients. | |||||
| CVE-2012-5365 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. | |||||
| CVE-2012-5363 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393. | |||||
| CVE-2011-2480 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information. | |||||