Filtered by vendor Netbsd
Subscriptions
Total
180 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6165 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-09 | 7.8 High |
| ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is the responsibility of the application to properly sanitize the environment | ||||
| CVE-2008-1335 | 1 Netbsd | 2 Netbsd, Netbsd Current | 2025-04-09 | N/A |
| The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905. | ||||
| CVE-2006-6014 | 1 Netbsd | 1 Netbsd | 2025-04-09 | N/A |
| The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecified userspace parameter in the ptrace system call during a PT_DUMPCORE request, which allows local users to have an unknown impact. | ||||
| CVE-2006-5214 | 2 Netbsd, Sun | 3 Netbsd, Solaris, Sunos | 2025-04-09 | N/A |
| Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users. | ||||
| CVE-2006-6656 | 1 Netbsd | 1 Netbsd | 2025-04-09 | N/A |
| Unspecified vulnerability in ptrace in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read kernel memory and obtain sensitive information via certain manipulations of a PT_LWPINFO request, which leads to a memory leak and information leak. | ||||
| CVE-2008-3584 | 1 Netbsd | 1 Netbsd | 2025-04-09 | N/A |
| NetBSD 3.0, 3.1, and 4.0, when a pppoe instance exists, does not properly check the length of a PPPoE packet tag, which allows remote attackers to cause a denial of service (system crash) via a crafted PPPoE packet. | ||||
| CVE-2003-0466 | 7 Apple, Freebsd, Netbsd and 4 more | 10 Mac Os X, Mac Os X Server, Freebsd and 7 more | 2025-04-03 | 9.8 Critical |
| Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. | ||||
| CVE-1999-1518 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | N/A |
| Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults. | ||||
| CVE-1999-0010 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2025-04-03 | N/A |
| Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. | ||||
| CVE-2000-0462 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory. | ||||
| CVE-2005-4783 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory. | ||||
| CVE-1999-0015 | 4 Hp, Microsoft, Netbsd and 1 more | 5 Hp-ux, Windows 95, Windows Nt and 2 more | 2025-04-03 | N/A |
| Teardrop IP denial of service. | ||||
| CVE-2000-1208 | 4 Immunix, Netbsd, Openbsd and 1 more | 4 Immunix, Netbsd, Openbsd and 1 more | 2025-04-03 | N/A |
| Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | ||||
| CVE-2004-1374 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges. | ||||
| CVE-2002-1500 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET(). | ||||
| CVE-2003-0681 | 9 Apple, Gentoo, Hp and 6 more | 15 Mac Os X, Mac Os X Server, Linux and 12 more | 2025-04-03 | N/A |
| A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. | ||||
| CVE-1999-0046 | 10 Bsdi, Debian, Digital and 7 more | 10 Bsd Os, Debian Linux, Ultrix and 7 more | 2025-04-03 | N/A |
| Buffer overflow of rlogin program using TERM environmental variable. | ||||
| CVE-1999-1409 | 2 Netbsd, Sgi | 2 Netbsd, Irix | 2025-04-03 | N/A |
| The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail. | ||||
| CVE-2002-1165 | 3 Netbsd, Redhat, Sendmail | 4 Netbsd, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. | ||||
| CVE-2002-1543 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input. | ||||