Total
537 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0890 | 1 Freebsd | 1 Freebsd | 2018-05-03 | 1.2 LOW | N/A |
| periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2015-1418 | 1 Freebsd | 1 Freebsd | 2018-04-07 | 9.3 HIGH | 7.8 HIGH |
| The do_ed_script function in pch.c in GNU patch through 2.7.6, and patch in FreeBSD 10.1 before 10.1-RELEASE-p17, 10.2 before 10.2-BETA2-p3, 10.2-RC1 before 10.2-RC1-p2, and 0.2-RC2 before 10.2-RC2-p1, allows remote attackers to execute arbitrary commands via a crafted patch file, because a '!' character can be passed to the ed program. | |||||
| CVE-2018-6916 | 1 Freebsd | 1 Freebsd | 2018-03-29 | 9.0 HIGH | 9.8 CRITICAL |
| In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELEASE-p7, and 10.3-RELEASE-p28, the kernel does not properly validate IPsec packets coming from a trusted host. Additionally, a use-after-free vulnerability exists in the IPsec AH handling code. This issue could cause a system crash or other unpredictable results. | |||||
| CVE-2015-5674 | 1 Freebsd | 1 Freebsd | 2018-03-14 | 4.0 MEDIUM | 6.5 MEDIUM |
| The routed daemon in FreeBSD 9.3 before 9.3-RELEASE-p22, 10.2-RC2 before 10.2-RC2-p1, 10.2-RC1 before 10.2-RC1-p2, 10.2 before 10.2-BETA2-p3, and 10.1 before 10.1-RELEASE-p17 allows remote authenticated users to cause a denial of service (assertion failure and daemon exit) via a query from a network that is not directly connected. | |||||
| CVE-2015-1416 | 1 Freebsd | 1 Freebsd | 2018-03-13 | 9.3 HIGH | 7.8 HIGH |
| Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file. | |||||
| CVE-2016-1881 | 1 Freebsd | 1 Freebsd | 2018-01-30 | 7.2 HIGH | 7.8 HIGH |
| The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause a denial of service (crash) or potentially gain privilege via a crafted Linux compatibility layer setgroups system call. | |||||
| CVE-2014-8117 | 4 Canonical, File Project, Freebsd and 1 more | 4 Ubuntu Linux, File, Freebsd and 1 more | 2018-01-05 | 5.0 MEDIUM | N/A |
| softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors. | |||||
| CVE-2014-8116 | 4 Canonical, File Project, Freebsd and 1 more | 4 Ubuntu Linux, File, Freebsd and 1 more | 2018-01-05 | 5.0 MEDIUM | N/A |
| The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities. | |||||
| CVE-2014-3956 | 4 Fedoraproject, Freebsd, Hp and 1 more | 4 Fedora, Freebsd, Hpux and 1 more | 2017-12-29 | 1.9 LOW | N/A |
| The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program. | |||||
| CVE-1999-1313 | 1 Freebsd | 1 Freebsd | 2017-12-19 | 4.6 MEDIUM | N/A |
| Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands. | |||||
| CVE-1999-1187 | 3 Freebsd, Slackware, University Of Washington | 3 Freebsd, Slackware Linux, Pine | 2017-12-19 | 4.6 MEDIUM | N/A |
| Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail. | |||||
| CVE-2001-1034 | 1 Freebsd | 1 Freebsd | 2017-12-19 | 7.2 HIGH | N/A |
| Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter. | |||||
| CVE-1999-1518 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2017-12-19 | 5.0 MEDIUM | N/A |
| Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults. | |||||
| CVE-2002-2092 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2017-12-19 | 3.7 LOW | N/A |
| Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid. | |||||
| CVE-2017-1088 | 1 Freebsd | 1 Freebsd | 2017-12-02 | 2.1 LOW | 3.3 LOW |
| In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, the kernel does not properly clear the memory of the kld_file_stat structure before filling the data. Since the structure filled by the kernel is allocated on the kernel stack and copied to userspace, a leak of information from the kernel stack is possible. As a result, some bytes from the kernel stack can be observed in userspace. | |||||
| CVE-2017-1086 | 1 Freebsd | 1 Freebsd | 2017-12-02 | 2.1 LOW | 3.3 LOW |
| In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, not all information in the struct ptrace_lwpinfo is relevant for the state of any thread, and the kernel does not fill the irrelevant bytes or short strings. Since the structure filled by the kernel is allocated on the kernel stack and copied to userspace, a leak of information of the kernel stack of the thread is possible from the debugger. As a result, some bytes from the kernel stack of the thread using ptrace (PT_LWPINFO) call can be observed in userspace. | |||||
| CVE-2009-2649 | 1 Freebsd | 1 Freebsd | 2017-10-19 | 4.7 MEDIUM | N/A |
| The IATA (ata) driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service (kernel panic) via a certain IOCTL request with a large count, which triggers a malloc call with a large value. | |||||
| CVE-1999-1572 | 5 Debian, Freebsd, Mandrakesoft and 2 more | 6 Debian Linux, Freebsd, Mandrake Linux and 3 more | 2017-10-19 | 2.1 LOW | N/A |
| cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files. | |||||
| CVE-2017-15037 | 1 Freebsd | 1 Freebsd | 2017-10-13 | 6.8 MEDIUM | 8.1 HIGH |
| In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' character. | |||||
| CVE-2005-0708 | 2 Dragonflybsd, Freebsd | 2 Dragonflybsd, Freebsd | 2017-10-12 | 10.0 HIGH | N/A |
| The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 can transfer portions of kernel memory if a file is truncated while it is being sent, which could allow remote attackers to obtain sensitive information. | |||||