Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Freebsd Subscribe
Total 514 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-8116 4 Canonical, File Project, Freebsd and 1 more 4 Ubuntu Linux, File, Freebsd and 1 more 2018-01-04 5.0 MEDIUM N/A
The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities.
CVE-2014-8117 4 Canonical, File Project, Freebsd and 1 more 4 Ubuntu Linux, File, Freebsd and 1 more 2018-01-04 5.0 MEDIUM N/A
softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.
CVE-2014-3956 4 Fedoraproject, Freebsd, Hp and 1 more 4 Fedora, Freebsd, Hpux and 1 more 2017-12-28 1.9 LOW N/A
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.
CVE-2001-1034 1 Freebsd 1 Freebsd 2017-12-18 7.2 HIGH N/A
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter.
CVE-2002-2092 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2017-12-18 3.7 LOW N/A
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
CVE-1999-1518 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2017-12-18 5.0 MEDIUM N/A
Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.
CVE-1999-1313 1 Freebsd 1 Freebsd 2017-12-18 4.6 MEDIUM N/A
Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands.
CVE-1999-1187 3 Freebsd, Slackware, University Of Washington 3 Freebsd, Slackware Linux, Pine 2017-12-18 4.6 MEDIUM N/A
Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail.
CVE-2017-1088 1 Freebsd 1 Freebsd 2017-12-02 2.1 LOW 3.3 LOW
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, the kernel does not properly clear the memory of the kld_file_stat structure before filling the data. Since the structure filled by the kernel is allocated on the kernel stack and copied to userspace, a leak of information from the kernel stack is possible. As a result, some bytes from the kernel stack can be observed in userspace.
CVE-2017-1086 1 Freebsd 1 Freebsd 2017-12-02 2.1 LOW 3.3 LOW
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, not all information in the struct ptrace_lwpinfo is relevant for the state of any thread, and the kernel does not fill the irrelevant bytes or short strings. Since the structure filled by the kernel is allocated on the kernel stack and copied to userspace, a leak of information of the kernel stack of the thread is possible from the debugger. As a result, some bytes from the kernel stack of the thread using ptrace (PT_LWPINFO) call can be observed in userspace.
CVE-2009-2649 1 Freebsd 1 Freebsd 2017-10-18 4.7 MEDIUM N/A
The IATA (ata) driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service (kernel panic) via a certain IOCTL request with a large count, which triggers a malloc call with a large value.
CVE-1999-1572 5 Debian, Freebsd, Mandrakesoft and 2 more 6 Debian Linux, Freebsd, Mandrake Linux and 3 more 2017-10-18 2.1 LOW N/A
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.
CVE-2017-15037 1 Freebsd 1 Freebsd 2017-10-13 6.8 MEDIUM 8.1 HIGH
In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' character.
CVE-2005-0708 2 Dragonflybsd, Freebsd 2 Dragonflybsd, Freebsd 2017-10-11 10.0 HIGH N/A
The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 can transfer portions of kernel memory if a file is truncated while it is being sent, which could allow remote attackers to obtain sensitive information.
CVE-2007-1719 2 Freebsd, Jason W. Bacon 2 Freebsd, Mcweject 2017-10-10 7.2 HIGH N/A
Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, and possibly other versions, allows local users to execute arbitrary code via a long command line argument, possibly involving the device name.
CVE-2005-0988 7 Freebsd, Gentoo, Gnu and 4 more 13 Freebsd, Linux, Gzip and 10 more 2017-10-10 3.7 LOW N/A
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
CVE-2004-0171 2 Freebsd, Openbsd 2 Freebsd, Openbsd 2017-10-09 5.0 MEDIUM N/A
FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote attackers to cause a denial of service (resource exhaustion of memory buffers and system crash) via a large number of out-of-sequence TCP packets, which prevents the operating system from creating new connections.
CVE-2004-0126 1 Freebsd 1 Freebsd 2017-10-09 4.6 MEDIUM N/A
The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail.
CVE-2004-0099 1 Freebsd 1 Freebsd 2017-10-09 4.6 MEDIUM N/A
mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file system, which causes default values for other flags to be used, possibly disabling security-critical settings and allowing a local user to bypass intended access restrictions.
CVE-2004-0114 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2017-10-09 4.6 MEDIUM N/A
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges.