Total
497 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-1417 | 1 Freebsd | 1 Freebsd | 2019-03-20 | 5.0 MEDIUM | 7.5 HIGH |
The inet module in FreeBSD 10.2x before 10.2-PRERELEASE, 10.2-BETA2-p2, 10.2-RC1-p1, 10.1x before 10.1-RELEASE-p16, 9.x before 9.3-STABLE, 9.3-RELEASE-p21, and 8.x before 8.4-STABLE, 8.4-RELEASE-p35 on systems with VNET enabled and at least 16 VNET instances allows remote attackers to cause a denial of service (mbuf consumption) via multiple concurrent TCP connections. | |||||
CVE-2014-3954 | 1 Freebsd | 1 Freebsd | 2019-03-18 | 10.0 HIGH | N/A |
Stack-based buffer overflow in rtsold in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted DNS parameters in a router advertisement message. | |||||
CVE-2013-2171 | 1 Freebsd | 1 Freebsd | 2019-03-18 | 6.9 MEDIUM | N/A |
The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementation in the kernel in FreeBSD 9.0 through 9.1-RELEASE-p4 does not properly determine whether a task should have write access to a memory location, which allows local users to bypass filesystem write permissions and consequently gain privileges via a crafted application that leverages read permissions, and makes mmap and ptrace system calls. | |||||
CVE-2014-1453 | 1 Freebsd | 1 Freebsd | 2019-03-18 | 4.0 MEDIUM | N/A |
The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not acquire locks in the proper order when converting a directory file handle to a vnode, which allows remote authenticated users to cause a denial of service (deadlock) via vectors involving a thread that uses the correct locking order. | |||||
CVE-2014-3711 | 1 Freebsd | 1 Freebsd | 2019-03-18 | 5.0 MEDIUM | N/A |
namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (memory exhaustion) via vectors that trigger a sandboxed process to look up a large number of nonexistent path names. | |||||
CVE-2013-4851 | 1 Freebsd | 1 Freebsd | 2019-03-18 | 6.4 MEDIUM | N/A |
The vfs_hang_addrlist function in sys/kern/vfs_export.c in the NFS server implementation in the kernel in FreeBSD 8.3 and 9.x through 9.1-RELEASE-p5 controls authorization for host/subnet export entries on the basis of group information sent by the client, which allows remote attackers to bypass file permissions on NFS filesystems via crafted requests. | |||||
CVE-2013-3077 | 1 Freebsd | 1 Freebsd | 2019-03-18 | 7.2 HIGH | N/A |
Multiple integer overflows in the IP_MSFILTER and IPV6_MSFILTER features in (1) sys/netinet/in_mcast.c and (2) sys/netinet6/in6_mcast.c in the multicast implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE allow local users to bypass intended restrictions on kernel-memory read and write operations, and consequently gain privileges, via vectors involving a large number of source-filter entries. | |||||
CVE-2013-5209 | 1 Freebsd | 1 Freebsd | 2019-03-18 | 7.8 HIGH | N/A |
The sctp_send_initiate_ack function in sys/netinet/sctp_output.c in the SCTP implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE does not properly initialize the state-cookie data structure, which allows remote attackers to obtain sensitive information from kernel stack memory by reading packet data in INIT-ACK chunks. | |||||
CVE-2014-3955 | 1 Freebsd | 1 Freebsd | 2019-03-18 | 5.0 MEDIUM | N/A |
routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RIP request from a source not on a directly connected network. | |||||
CVE-2014-1452 | 1 Freebsd | 1 Freebsd | 2019-03-18 | 5.8 MEDIUM | N/A |
Stack-based buffer overflow in lib/snmpagent.c in bsnmpd, as used in FreeBSD 8.3 through 10.0, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted GETBULK PDU request. | |||||
CVE-2018-17157 | 1 Freebsd | 1 Freebsd | 2019-01-24 | 10.0 HIGH | 9.8 CRITICAL |
In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error when handling opcodes can cause memory corruption by sending a specially crafted NFSv4 request. Unprivileged remote users with access to the NFS server may be able to execute arbitrary code. | |||||
CVE-2018-17159 | 1 Freebsd | 1 Freebsd | 2018-12-31 | 7.8 HIGH | 7.5 HIGH |
In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS server lacks a bounds check in the READDIRPLUS NFS request. Unprivileged remote users with access to the NFS server can cause a resource exhaustion by forcing the server to allocate an arbitrarily large memory allocation. | |||||
CVE-2018-17158 | 1 Freebsd | 1 Freebsd | 2018-12-31 | 7.8 HIGH | 7.5 HIGH |
In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error can occur when handling the client address length field in an NFSv4 request. Unprivileged remote users with access to the NFS server can crash the system by sending a specially crafted NFSv4 request. | |||||
CVE-2018-6925 | 1 Freebsd | 1 Freebsd | 2018-11-30 | 4.9 MEDIUM | 5.5 MEDIUM |
In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be able to cause a NULL pointer dereference causing the kernel to crash. | |||||
CVE-2017-1082 | 1 Freebsd | 1 Freebsd | 2018-11-27 | 5.0 MEDIUM | 7.5 HIGH |
In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the qsort algorithm has a deterministic recursion pattern. Feeding a pathological input to the algorithm can lead to excessive stack usage and potential overflow. Applications that use qsort to handle large data set may crash if the input follows the pathological pattern. | |||||
CVE-2018-6924 | 1 Freebsd | 1 Freebsd | 2018-11-26 | 5.6 MEDIUM | 7.1 HIGH |
In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, 10.4-STABLE, and 10.4-RELEASE-p12, insufficient validation in the ELF header parser could allow a malicious ELF binary to cause a kernel crash or disclose kernel memory. | |||||
CVE-2017-1083 | 1 Freebsd | 1 Freebsd | 2018-11-23 | 7.8 HIGH | 7.5 HIGH |
In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is disabled by default. This results in the possibility a poorly written process could be cause a stack overflow. | |||||
CVE-2017-1084 | 1 Freebsd | 1 Freebsd | 2018-11-23 | 7.8 HIGH | 7.5 HIGH |
In FreeBSD before 11.2-RELEASE, multiple issues with the implementation of the stack guard-page reduce the protections afforded by the guard-page. This results in the possibility a poorly written process could be cause a stack overflow. | |||||
CVE-2017-1085 | 1 Freebsd | 1 Freebsd | 2018-11-23 | 7.2 HIGH | 7.8 HIGH |
In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() to increase RLIMIT_STACK may turn a read-only memory region below the stack into a read-write region. A specially crafted executable could be exploited to execute arbitrary code in the user context. | |||||
CVE-2018-17154 | 1 Freebsd | 1 Freebsd | 2018-11-23 | 4.9 MEDIUM | 5.5 MEDIUM |
In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELEASE-p15, due to insufficient memory checking in the freebsd4_getfsstat system call, a NULL pointer dereference can occur. Unprivileged authenticated local users may be able to cause a denial of service. |