Vulnerabilities > Netbsd

DATE CVE VULNERABILITY TITLE RISK
2024-07-01 CVE-2024-6387 Race Condition vulnerability in multiple products
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd).
8.1
2023-10-05 CVE-2023-45198 Unspecified vulnerability in Netbsd Ftpd and Tnftpd
ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command.
network
low complexity
netbsd
7.5
2021-12-25 CVE-2021-45484 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Netbsd
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
network
low complexity
netbsd CWE-338
7.5
2021-12-25 CVE-2021-45487 Use of Insufficiently Random Values vulnerability in Netbsd
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
network
low complexity
netbsd CWE-330
7.5
2021-12-25 CVE-2021-45488 Use of Insufficiently Random Values vulnerability in Netbsd
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
network
low complexity
netbsd CWE-330
7.5
2021-12-25 CVE-2021-45489 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Netbsd
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.
network
low complexity
netbsd CWE-338
7.5
2021-05-11 CVE-2020-26139 Improper Authentication vulnerability in multiple products
An issue was discovered in the kernel in NetBSD 7.1.
5.3
2020-02-20 CVE-2012-5365 Resource Exhaustion vulnerability in multiple products
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
network
low complexity
freebsd netbsd CWE-400
7.5
2020-02-20 CVE-2012-5363 Resource Exhaustion vulnerability in multiple products
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393.
network
low complexity
freebsd netbsd CWE-400
7.5
2019-11-27 CVE-2011-2480 Information Exposure vulnerability in multiple products
Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures.
network
low complexity
freebsd netbsd CWE-200
7.5