Netbsd - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Netbsd
(Netbsd)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	168

Date	Id	Summary	Products	Score	Patch	Annotated
1999-09-05	CVE-2000-0489	FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.	Freebsd, Netbsd, Openbsd	N/A
2008-09-11	CVE-2008-2464	The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ICMPv6 Multicast Listener Discovery (MLD) query with a certain Maximum Response Delay value.	Freebsd, Kame, Netbsd	N/A
2014-10-15	CVE-2014-3566	The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.	Mac_os_x, Debian_linux, Fedora, Aix, Vios, Mageia, Netbsd, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Openssl, Opensuse, Database, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_desktop_supplementary, Enterprise_linux_server, Enterprise_linux_server_supplementary, Enterprise_linux_workstation, Enterprise_linux_workstation_supplementary	3.4
2021-12-25	CVE-2021-45484	In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.	Netbsd	7.5
2021-12-25	CVE-2021-45487	In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.	Netbsd	7.5
2021-12-25	CVE-2021-45488	In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.	Netbsd	7.5
2008-10-20	CVE-2008-4609	The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.	Bsd, Bsd_os, Catalyst_blade_switch_3020_firmware, Catalyst_blade_switch_3120_firmware, Catalyst_blade_switch_3120x_firmware, Ios, Dragonflybsd, Freebsd, Linux_kernel, Windows_2000, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp, Midnightbsd, Netbsd, Openbsd, Solaris, Trustedbsd	N/A
2021-05-11	CVE-2020-26139	An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.	C\-100_firmware, C\-110_firmware, C\-120_firmware, C\-130_firmware, C\-200_firmware, C\-230_firmware, C\-235_firmware, C\-250_firmware, C\-260_firmware, C\-65_firmware, C\-75_firmware, O\-105_firmware, O\-90_firmware, W\-118_firmware, W\-68_firmware, 1100\-4p_firmware, 1100\-8p_firmware, 1100_firmware, 1101\-4p_firmware, 1109\-2p_firmware, 1109\-4p_firmware, Aironet_1532_firmware, Aironet_1542d_firmware, Aironet_1542i_firmware, Aironet_1552_firmware, Aironet_1552h_firmware, Aironet_1572_firmware, Aironet_1702_firmware, Aironet_1800_firmware, Aironet_1800i_firmware, Aironet_1810_firmware, Aironet_1810w_firmware, Aironet_1815_firmware, Aironet_1815i_firmware, Aironet_1832_firmware, Aironet_1842_firmware, Aironet_1852_firmware, Aironet_2702_firmware, Aironet_2800_firmware, Aironet_2800e_firmware, Aironet_2800i_firmware, Aironet_3702_firmware, Aironet_3800_firmware, Aironet_3800e_firmware, Aironet_3800i_firmware, Aironet_3800p_firmware, Aironet_4800_firmware, Aironet_ap803_firmware, Aironet_iw3702_firmware, Catalyst_9105_firmware, Catalyst_9105axi_firmware, Catalyst_9105axw_firmware, Catalyst_9115_ap_firmware, Catalyst_9115_firmware, Catalyst_9115axe_firmware, Catalyst_9115axi_firmware, Catalyst_9117_ap_firmware, Catalyst_9117_firmware, Catalyst_9117axi_firmware, Catalyst_9120_ap_firmware, Catalyst_9120_firmware, Catalyst_9120axe_firmware, Catalyst_9120axi_firmware, Catalyst_9120axp_firmware, Catalyst_9124_firmware, Catalyst_9124axd_firmware, Catalyst_9124axi_firmware, Catalyst_9130_ap_firmware, Catalyst_9130_firmware, Catalyst_9130axe_firmware, Catalyst_9130axi_firmware, Catalyst_iw6300_ac_firmware, Catalyst_iw6300_dc_firmware, Catalyst_iw6300_dcw_firmware, Catalyst_iw6300_firmware, Esw6300_firmware, Ip_phone_6861_firmware, Ip_phone_8821_firmware, Ip_phone_8832_firmware, Ip_phone_8861_firmware, Ip_phone_8865_firmware, Ir829\-2lte\-Ea\-Ak9_firmware, Ir829\-2lte\-Ea\-Bk9_firmware, Ir829\-2lte\-Ea\-Ek9_firmware, Ir829gw\-Lte\-Ga\-Ck9_firmware, Ir829gw\-Lte\-Ga\-Ek9_firmware, Ir829gw\-Lte\-Ga\-Sk9_firmware, Ir829gw\-Lte\-Ga\-Zk9_firmware, Ir829gw\-Lte\-Na\-Ak9_firmware, Ir829gw\-Lte\-Vz\-Ak9_firmware, Meraki_gr10_firmware, Meraki_gr60_firmware, Meraki_mr12_firmware, Meraki_mr20_firmware, Meraki_mr26_firmware, Meraki_mr30h_firmware, Meraki_mr32_firmware, Meraki_mr33_firmware, Meraki_mr34_firmware, Meraki_mr36_firmware, Meraki_mr42_firmware, Meraki_mr42e_firmware, Meraki_mr44_firmware, Meraki_mr45_firmware, Meraki_mr46_firmware, Meraki_mr46e_firmware, Meraki_mr52_firmware, Meraki_mr53_firmware, Meraki_mr53e_firmware, Meraki_mr55_firmware, Meraki_mr56_firmware, Meraki_mr62_firmware, Meraki_mr66_firmware, Meraki_mr70_firmware, Meraki_mr72_firmware, Meraki_mr74_firmware, Meraki_mr76_firmware, Meraki_mr84_firmware, Meraki_mr86_firmware, Meraki_mx64w_firmware, Meraki_mx65w_firmware, Meraki_mx67cw_firmware, Meraki_mx67w_firmware, Meraki_mx68cw_firmware, Meraki_mx68w_firmware, Meraki_z3_firmware, Meraki_z3c_firmware, Webex_board_55_firmware, Webex_board_55s_firmware, Webex_board_70_firmware, Webex_board_70s_firmware, Webex_board_85s_firmware, Webex_dx70_firmware, Webex_dx80_firmware, Webex_room_55_dual_firmware, Webex_room_55_firmware, Webex_room_70_dual_firmware, Webex_room_70_dual_g2_firmware, Webex_room_70_firmware, Webex_room_70_single_firmware, Webex_room_70_single_g2_firmware, Webex_room_kit_firmware, Webex_room_kit_mini_firmware, Debian_linux, Ac_8260_firmware, Ac_8265_firmware, Ac_9260_firmware, Ac_9560_firmware, Killer_ac_1550_firmware, Killer_wi\-Fi_6_ax1650_firmware, Killer_wi\-Fi_6e_ax1675_firmware, Proset_ac_3165_firmware, Proset_ac_3168_firmware, Proset_ac_8260_firmware, Proset_ac_8265_firmware, Proset_ac_9260_firmware, Proset_ac_9461_firmware, Proset_ac_9462_firmware, Proset_ac_9560_firmware, Proset_wi\-Fi_6_ax200_firmware, Proset_wi\-Fi_6_ax201_firmware, Proset_wi\-Fi_6e_ax210_firmware, Proset_wireless_7265_\(Rev_d\)_firmware, Wi\-Fi_6_ax200_firmware, Wi\-Fi_6_ax201_firmware, Netbsd	5.3
1996-12-12	CVE-1999-0297	Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.	Bsd_os, Freebsd, Netbsd, Vixie_cron, Linux	N/A
1997-07-01	CVE-1999-0628	The rwho/rwhod service is running, which exposes machine status and user information.	Freebsd, Aix, Linux_kernel, Netbsd	N/A