Total
176 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2482 | 1 Netbsd | 1 Netbsd | 2026-04-23 | 6.9 MEDIUM | N/A |
| The pam_unix module in OpenPAM in NetBSD 4.0 before 4.0.2 and 5.0 before 5.0.1 allows local users to change the current root password if it is already known, even when they are not in the wheel group. | |||||
| CVE-2006-6654 | 1 Netbsd | 1 Netbsd | 2026-04-23 | 4.3 MEDIUM | N/A |
| The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029, when run on a 64-bit architecture, allows attackers to cause a denial of service (kernel panic) via an invalid msg_controllen parameter to the sendit function. | |||||
| CVE-2006-6165 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2026-04-23 | 7.2 HIGH | 7.8 HIGH |
| ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is the responsibility of the application to properly sanitize the environment | |||||
| CVE-2008-1391 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec. | |||||
| CVE-2006-6014 | 1 Netbsd | 1 Netbsd | 2026-04-23 | 7.2 HIGH | N/A |
| The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecified userspace parameter in the ptrace system call during a PT_DUMPCORE request, which allows local users to have an unknown impact. | |||||
| CVE-2009-2483 | 1 Netbsd | 1 Netbsd | 2026-04-23 | 4.9 MEDIUM | N/A |
| libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) containing an undefined element. | |||||
| CVE-2006-6013 | 5 Dragonflybsd, Freebsd, Midnightbsd and 2 more | 5 Dragonflybsd, Freebsd, Midnightbsd and 2 more | 2026-04-23 | 2.1 LOW | N/A |
| Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows local users to read arbitrary memory contents via certain negative values of crom_buf->len in an FW_GCROM command. NOTE: this issue has been labeled as an integer overflow, but it is more like an integer signedness error. | |||||
| CVE-2007-1273 | 2 Navision, Netbsd | 2 Financials Server, Netbsd | 2026-04-23 | 6.9 MEDIUM | N/A |
| Integer overflow in the ktruser function in NetBSD-current before 20061022, NetBSD 3 and 3-0 before 20061024, and NetBSD 2 before 20070209, when the kernel is built with the COMPAT_FREEBSD or COMPAT_DARWIN option, allows local users to cause a denial of service and possibly gain privileges. | |||||
| CVE-2008-4247 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2026-04-23 | 7.5 HIGH | N/A |
| ftpd in OpenBSD 4.3, FreeBSD 7.0, NetBSD 4.0, Solaris, and possibly other operating systems interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser. | |||||
| CVE-2009-2793 | 1 Netbsd | 1 Netbsd | 2026-04-23 | 4.6 MEDIUM | N/A |
| The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms does not properly handle a pre-commit failure of the iret instruction, which might allow local users to gain privileges via vectors related to a tempEIP pseudocode variable that is outside of the code-segment limits. | |||||
| CVE-2008-2464 | 3 Freebsd, Kame, Netbsd | 3 Freebsd, Kame, Netbsd | 2026-04-23 | 7.1 HIGH | N/A |
| The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ICMPv6 Multicast Listener Discovery (MLD) query with a certain Maximum Response Delay value. | |||||
| CVE-2007-1523 | 1 Netbsd | 1 Netbsd | 2026-04-23 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the kernel in NetBSD 3.0, certain versions of FreeBSD and OpenBSD, and possibly other BSD derived operating systems allows local users to have an unknown impact. NOTE: this information is based upon a vague pre-advisory with no actionable information. Details will be updated after 20070329. | |||||
| CVE-2008-1148 | 8 Apple, Cosmicperl, Darwin and 5 more | 9 Mac Os X, Mac Os X Server, Directory Pro and 6 more | 2026-04-23 | 6.8 MEDIUM | N/A |
| A certain pseudo-random number generator (PRNG) algorithm that uses ADD with 0 random hops (aka "Algorithm A0"), as used in OpenBSD 3.5 through 4.2 and NetBSD 1.6.2 through 4.0, allows remote attackers to guess sensitive values such as (1) DNS transaction IDs or (2) IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as DNS cache poisoning, injection into TCP packets, and OS fingerprinting. | |||||
| CVE-2007-2242 | 4 Freebsd, Ietf, Netbsd and 1 more | 4 Freebsd, Ipv6, Netbsd and 1 more | 2026-04-23 | 7.8 HIGH | N/A |
| The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers. | |||||
| CVE-2008-1335 | 1 Netbsd | 2 Netbsd, Netbsd Current | 2026-04-23 | 9.3 HIGH | N/A |
| The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905. | |||||
| CVE-2006-5215 | 3 Netbsd, Sun, X.org | 4 Netbsd, Solaris, Sunos and 1 more | 2026-04-23 | 2.6 LOW | N/A |
| The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a symlink attack on a /tmp/xses-$USER file. | |||||
| CVE-2006-6653 | 1 Netbsd | 1 Netbsd | 2026-04-23 | 1.7 LOW | N/A |
| The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which may result in the socket never being closed (aka "a dangling socket"). | |||||
| CVE-2007-3654 | 1 Netbsd | 1 Netbsd | 2026-04-23 | 2.1 LOW | N/A |
| The display driver allocattr functions in NetBSD 3.0 through 4.0_BETA2, and NetBSD-current before 20070728, allow local users to cause a denial of service (panic) via a (1) negative or (2) large value in an ioctl call, as demonstrated by the vga_allocattr function. | |||||
| CVE-2006-6397 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2026-04-23 | 4.4 MEDIUM | N/A |
| Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability | |||||
| CVE-2009-0601 | 6 Apple, Freebsd, Linux and 3 more | 6 Mac Os X, Freebsd, Linux Kernel and 3 more | 2026-04-23 | 2.1 LOW | N/A |
| Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable. | |||||