Filtered by vendor Freebsd
Subscriptions
Filtered by product Freebsd
Subscriptions
Total
551 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1036 | 2 Amd, Freebsd | 2 Amd64, Freebsd | 2025-04-03 | 7.8 High |
| FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges. | ||||
| CVE-2006-4304 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | N/A |
| Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp driver. | ||||
| CVE-2002-0381 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | N/A |
| The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. | ||||
| CVE-2003-1230 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through 5.0-RELEASE-p3 uses only 32-bit internal keys when generating syncookies, which makes it easier for remote attackers to conduct brute force ISN guessing attacks and spoof legitimate traffic. | ||||
| CVE-2005-1399 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions for the /dev/iir device, which allows local users to execute restricted ioctl calls to read or modify data on hardware that is controlled by the iir driver. | ||||
| CVE-2003-1234 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop. | ||||
| CVE-2003-1289 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | N/A |
| The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory. | ||||
| CVE-2002-0830 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop. | ||||
| CVE-1999-0040 | 7 Bsdi, Freebsd, Hp and 4 more | 10 Bsd Os, Freebsd, Hp-ux and 7 more | 2025-04-03 | N/A |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. | ||||
| CVE-1999-0074 | 4 Freebsd, Linux, Microsoft and 1 more | 4 Freebsd, Linux Kernel, Windows Nt and 1 more | 2025-04-03 | N/A |
| Listening TCP ports are sequentially allocated, allowing spoofing attacks. | ||||
| CVE-1999-0078 | 10 Bsdi, Freebsd, Hp and 7 more | 11 Bsd Os, Freebsd, Hp-ux and 8 more | 2025-04-03 | N/A |
| pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. | ||||
| CVE-1999-0129 | 7 Bsdi, Eric Allman, Freebsd and 4 more | 9 Bsd Os, Sendmail, Freebsd and 6 more | 2025-04-03 | N/A |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. | ||||
| CVE-2003-0688 | 6 Compaq, Freebsd, Openbsd and 3 more | 7 Tru64, Freebsd, Openbsd and 4 more | 2025-04-03 | N/A |
| The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data. | ||||
| CVE-1999-0513 | 7 Digital, Freebsd, Hp and 4 more | 8 Unix, Freebsd, Hp-ux and 5 more | 2025-04-03 | N/A |
| ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. | ||||
| CVE-1999-0780 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2025-04-03 | N/A |
| KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. | ||||
| CVE-1999-0798 | 5 Bsdi, Freebsd, Openbsd and 2 more | 7 Bsd Os, Freebsd, Openbsd and 4 more | 2025-04-03 | N/A |
| Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. | ||||
| CVE-1999-0912 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files. | ||||
| CVE-1999-0963 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| FreeBSD mount_union command allows local users to gain root privileges via a symlink attack. | ||||
| CVE-2005-2019 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) or Uni Processor (UP) systems with the PREEMPTION kernel option enabled, does not sufficiently lock certain resources while performing table lookups, which can cause the cache results to be corrupted during multiple concurrent lookups, allowing remote attackers to bypass intended access restrictions. | ||||
| CVE-2002-1674 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to. | ||||