Vulnerabilities (CVE)

Filtered by vendor Freebsd Subscribe
Total 553 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-4516 1 Freebsd 1 Freebsd 2025-04-09 4.9 MEDIUM N/A
Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service (memory corruption and kernel panic) via a PT_LWPINFO ptrace command with a large negative data value that satisfies a signed maximum value check but is used in an unsigned copyout function call.
CVE-2019-5598 1 Freebsd 1 Freebsd 2025-04-03 5.0 MEDIUM 7.5 HIGH
In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before r345377, 11.2-RELEASE before 11.2-RELEASE-p10, and 12.0-RELEASE before 12.0-RELEASE-p4, a bug in pf does not check if the outer ICMP or ICMP6 packet has the same destination IP as the source IP of the inner protocol packet allowing a maliciously crafted ICMP/ICMP6 packet could bypass the packet filter rules and be passed to a host that would otherwise be unavailable.
CVE-2002-2222 2 Freebsd, Openbsd 2 Ports Collection, Openbsd 2025-04-03 5.1 MEDIUM N/A
isakmpd/message.c in isakmpd in FreeBSD before isakmpd-20020403_1, and in OpenBSD 3.1, allows remote attackers to cause a denial of service (crash) by sending Internet Key Exchange (IKE) payloads out of sequence.
CVE-2002-0701 2 Freebsd, Openbsd 2 Freebsd, Openbsd 2025-04-03 2.1 LOW N/A
ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges.
CVE-1999-0299 1 Freebsd 1 Freebsd 2025-04-03 9.3 HIGH N/A
Buffer overflow in FreeBSD lpd through long DNS hostnames.
CVE-2006-4172 1 Freebsd 1 Freebsd 2025-04-03 7.2 HIGH N/A
Integer overflow vulnerability in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2006-4178.
CVE-2004-1066 1 Freebsd 1 Freebsd 2025-04-03 3.6 LOW N/A
The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and (2) linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local users to cause a denial of service (panic) or read portions of kernel memory. NOTE: this candidate might be SPLIT into 2 separate items in the future.
CVE-2001-0063 1 Freebsd 1 Freebsd 2025-04-03 7.2 HIGH N/A
procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges.
CVE-1999-0821 1 Freebsd 1 Freebsd 2025-04-03 4.6 MEDIUM N/A
FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument.
CVE-2000-0163 1 Freebsd 1 Freebsd 2025-04-03 4.6 MEDIUM N/A
asmon and ascpu in FreeBSD allow local users to gain root privileges via a configuration file.
CVE-2006-0905 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2025-04-03 7.5 HIGH N/A
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.
CVE-2002-0391 4 Freebsd, Microsoft, Openbsd and 1 more 7 Freebsd, Windows 2000, Windows Nt and 4 more 2025-04-03 10.0 HIGH 9.8 CRITICAL
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
CVE-2002-0820 1 Freebsd 1 Freebsd 2025-04-03 7.2 HIGH N/A
FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 after they have already been assigned to /dev/null when the descriptors reference procfs or linprocfs, which could allow local users to reuse the file descriptors in a setuid or setgid program to modify critical data and gain privileges.
CVE-2006-0054 1 Freebsd 1 Freebsd 2025-04-03 5.0 MEDIUM 5.3 MEDIUM
The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to cause a denial of service (firewall crash) via ICMP IP fragments that match a reset, reject or unreach action, which leads to an access of an uninitialized pointer.
CVE-2004-1471 6 Cvs, Freebsd, Gentoo and 3 more 6 Cvs, Freebsd, Linux and 3 more 2025-04-03 7.1 HIGH N/A
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
CVE-2002-1219 3 Freebsd, Isc, Openbsd 3 Freebsd, Bind, Openbsd 2025-04-03 7.5 HIGH N/A
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).
CVE-2000-0993 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2025-04-03 7.2 HIGH N/A
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
CVE-2000-0595 1 Freebsd 1 Freebsd 2025-04-03 4.6 MEDIUM N/A
libedit searches for the .editrc file in the current directory instead of the user's home directory, which may allow local users to execute arbitrary commands by installing a modified .editrc in another directory.
CVE-2003-1289 2 Freebsd, Netbsd 2 Freebsd, Netbsd 2025-04-03 2.1 LOW N/A
The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory.
CVE-2002-0518 1 Freebsd 1 Freebsd 2025-04-03 5.0 MEDIUM N/A
The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (crash) (1) via a SYN packet that is accepted using syncookies that causes a null pointer to be referenced for the socket's TCP options, or (2) by killing and restarting a process that listens on the same socket, which does not properly clear the old inpcb pointer on restart.