Vulnerabilities > Netbsd

DATE CVE VULNERABILITY TITLE RISK
2021-12-25 CVE-2021-45484 Inadequate Encryption Strength vulnerability in Netbsd
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
network
low complexity
netbsd CWE-326
5.0
2021-12-25 CVE-2021-45487 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Netbsd
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures.
network
low complexity
netbsd CWE-327
5.0
2021-12-25 CVE-2021-45488 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Netbsd
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
network
low complexity
netbsd CWE-327
5.0
2021-12-25 CVE-2021-45489 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Netbsd
In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG.
network
low complexity
netbsd CWE-338
5.0
2021-05-11 CVE-2020-26139 Improper Authentication vulnerability in Netbsd 7.1
An issue was discovered in the kernel in NetBSD 7.1.
2.9
2020-02-20 CVE-2012-5365 Resource Exhaustion vulnerability in Freebsd
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
network
low complexity
freebsd netbsd CWE-400
7.8
2020-02-20 CVE-2012-5363 Resource Exhaustion vulnerability in Freebsd
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393.
network
low complexity
freebsd netbsd CWE-400
7.8
2019-11-27 CVE-2011-2480 Information Exposure vulnerability in Freebsd
Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures.
network
low complexity
freebsd netbsd CWE-200
5.0
2017-06-19 CVE-2017-1000378 Resource Exhaustion vulnerability in Netbsd
The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times.
network
low complexity
netbsd CWE-400
7.5
2017-06-19 CVE-2017-1000375 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Netbsd
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution.
network
low complexity
netbsd CWE-119
7.5