Filtered by vendor Freebsd
Subscriptions
Total
567 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2476 | 6 Force10, Freebsd, Juniper and 3 more | 6 Ftos, Freebsd, Jnos and 3 more | 2025-04-09 | N/A |
| The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB). | ||||
| CVE-2009-2208 | 1 Freebsd | 1 Freebsd | 2025-04-09 | N/A |
| FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the SIOCSIFINFO_IN6 IOCTL, which allows local users to modify or disable IPv6 network interfaces, as demonstrated by modifying the MTU. | ||||
| CVE-2008-2427 | 4 Freebsd, Microsoft, Pagesperso-orange and 1 more | 6 Freebsd, Windows Nt, Gfl Sdk and 3 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file. | ||||
| CVE-2007-3798 | 7 Apple, Canonical, Debian and 4 more | 8 Mac Os X, Mac Os X Server, Ubuntu Linux and 5 more | 2025-04-09 | 9.8 Critical |
| Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. | ||||
| CVE-2008-0217 | 1 Freebsd | 1 Freebsd | 2025-04-09 | N/A |
| The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script. | ||||
| CVE-2019-5598 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before r345377, 11.2-RELEASE before 11.2-RELEASE-p10, and 12.0-RELEASE before 12.0-RELEASE-p4, a bug in pf does not check if the outer ICMP or ICMP6 packet has the same destination IP as the source IP of the inner protocol packet allowing a maliciously crafted ICMP/ICMP6 packet could bypass the packet filter rules and be passed to a host that would otherwise be unavailable. | ||||
| CVE-2001-0063 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges. | ||||
| CVE-2002-0795 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files. | ||||
| CVE-2001-0062 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| procfs in FreeBSD and possibly other operating systems allows local users to cause a denial of service by calling mmap on the process' own mem file, which causes the kernel to hang. | ||||
| CVE-1999-0863 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI. | ||||
| CVE-2002-0794 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue. | ||||
| CVE-2005-2359 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session. | ||||
| CVE-2001-0061 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's address space. | ||||
| CVE-2005-2218 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The device file system (devfs) in FreeBSD 5.x does not properly check parameters of the node type when creating a device node, which makes hidden devices available to attackers, who can then bypass restrictions on a jailed process. | ||||
| CVE-2005-2068 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| FreeBSD 4.x through 4.11 and 5.x through 5.4 allows remote attackers to modify certain TCP options via a TCP packet with the SYN flag set for an already established session. | ||||
| CVE-2000-1184 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service by specifying an arbitrary large file in the TERMCAP environmental variable, which consumes resources as the server processes the file. | ||||
| CVE-1999-0857 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| FreeBSD gdc program allows local users to modify files via a symlink attack. | ||||
| CVE-1999-0304 | 4 Bsdi, Freebsd, Netbsd and 1 more | 4 Bsd Os, Freebsd, Netbsd and 1 more | 2025-04-03 | N/A |
| mmap function in BSD allows local attackers in the kmem group to modify memory through devices. | ||||
| CVE-2005-2019 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) or Uni Processor (UP) systems with the PREEMPTION kernel option enabled, does not sufficiently lock certain resources while performing table lookups, which can cause the cache results to be corrupted during multiple concurrent lookups, allowing remote attackers to bypass intended access restrictions. | ||||
| CVE-2005-1406 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory. | ||||