NetBSD 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには バッファオーバーフロー、vendor risk input validation、パス処理の欠陥, and vendor risk csrf があり、vendor surface production workloads and vendor surface software deployment の利用場面で vendor impact memory corruption、vendor impact unexpected behavior, and ファイル上書き などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2024-6387 | A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. | [email protected] | 8.1 | 63.83% | 2024-07-01 | 2026-05-12 |
| CVE-2023-45198 | ftpd before "NetBSD-ftpd 20230930" can leak information about the host filesystem before authentication via an MLSD or MLST command. tnftpd (the portable version of NetBSD ftpd) before 20231001 is also vulnerable. | [email protected] | 7.5 | 0.21% | 2023-10-05 | 2024-11-21 |
| CVE-2021-45489 | In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. | [email protected] | 7.5 | 0.32% | 2021-12-25 | 2024-11-21 |
| CVE-2021-45488 | In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm. | [email protected] | 7.5 | 0.32% | 2021-12-25 | 2024-11-21 |
| CVE-2021-45487 | In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures. | [email protected] | 7.5 | 0.32% | 2021-12-25 | 2024-11-21 |
| CVE-2021-45484 | In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG. | [email protected] | 7.5 | 0.32% | 2021-12-25 | 2024-11-21 |
| CVE-2020-26139 | An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients. | [email protected] | 5.3 | 2.25% | 2021-05-11 | 2026-04-14 |
| CVE-2012-5365 | The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. | [email protected] | 7.5 | 0.94% | 2020-02-20 | 2024-11-21 |
| CVE-2012-5363 | The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393. | [email protected] | 7.5 | 0.94% | 2020-02-20 | 2024-11-21 |
| CVE-2011-2480 | Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information. | [email protected] | 7.5 | 0.42% | 2019-11-27 | 2024-11-21 |
| CVE-2017-1000378 | The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions. | [email protected] | 9.8 | 3.73% | 2017-06-19 | 2026-05-13 |
| CVE-2017-1000375 | NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier versions. | [email protected] | 9.8 | 38.41% | 2017-06-19 | 2026-05-13 |
| CVE-2017-1000374 | A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier versions. | [email protected] | 9.8 | 2.55% | 2017-06-19 | 2026-05-13 |
| CVE-2016-6253 | mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox. | [email protected] | 7.8 | 7.27% | 2017-01-20 | 2026-05-13 |
| CVE-2015-8212 | CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program. | [email protected] | 9.8 | 2.15% | 2017-01-19 | 2026-05-13 |
| CVE-2015-5917 | The glob implementation in tnftpd (formerly lukemftpd), as used in Apple OS X before 10.11, allows remote attackers to cause a denial of service (memory consumption and daemon outage) via a STAT command containing a crafted pattern, as demonstrated by multiple instances of the {..,..,..}/* substring. | [email protected] | 5.0 | 1.44% | 2015-10-09 | 2026-05-06 |
| CVE-2014-7250 | The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets. | [email protected] | 5.0 | 3.73% | 2014-12-12 | 2026-05-06 |
| CVE-2014-8517 | The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | (pipe) character at the end of an HTTP redirect. | [email protected] | 7.5 | 84.98% | 2014-11-17 | 2026-05-06 |
| CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. | [email protected] | 3.4 | 93.54% | 2014-10-15 | 2026-05-28 |
| CVE-2014-5384 | The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types. | [email protected] | 5.0 | 0.41% | 2014-08-21 | 2026-05-06 |