Total
528 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0823 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in FreeBSD xmindpath allows local users to gain privileges via -f argument. | |||||
| CVE-2003-1234 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 3.6 LOW | N/A |
| Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop. | |||||
| CVE-2000-0092 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 6.2 MEDIUM | N/A |
| The BSD make program allows local users to modify files via a symlink attack when the -j option is being used. | |||||
| CVE-1999-0963 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.2 HIGH | N/A |
| FreeBSD mount_union command allows local users to gain root privileges via a symlink attack. | |||||
| CVE-2005-0109 | 5 Freebsd, Redhat, Sco and 2 more | 8 Freebsd, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2025-04-03 | 4.7 MEDIUM | 5.6 MEDIUM |
| Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. | |||||
| CVE-2000-1167 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.5 HIGH | N/A |
| ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat deny_incoming" command, which allows remote attackers to connect to the target system. | |||||
| CVE-2004-0435 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 3.6 LOW | N/A |
| Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk. | |||||
| CVE-2001-0371 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 6.2 MEDIUM | N/A |
| Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information. | |||||
| CVE-2000-0749 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the Linux binary compatibility module in FreeBSD 3.x through 5.x allows local users to gain root privileges via long filenames in the linux shadow file system. | |||||
| CVE-2003-0466 | 7 Apple, Freebsd, Netbsd and 4 more | 8 Mac Os X, Mac Os X Server, Freebsd and 5 more | 2025-04-03 | 10.0 HIGH | 9.8 CRITICAL |
| Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. | |||||
| CVE-2002-1674 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 1.2 LOW | N/A |
| procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to. | |||||
| CVE-2002-0794 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue. | |||||
| CVE-2003-0688 | 6 Compaq, Freebsd, Openbsd and 3 more | 6 Tru64, Freebsd, Openbsd and 3 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data. | |||||
| CVE-2006-1056 | 2 Freebsd, Linux | 2 Freebsd, Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
| The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels. | |||||
| CVE-2004-0081 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | |||||
| CVE-2002-0973 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| Integer signedness error in several system calls for FreeBSD 4.6.1 RELEASE-p10 and earlier may allow attackers to access sensitive kernel memory via large negative values to the (1) accept, (2) getsockname, and (3) getpeername system calls, and the (4) vesa FBIO_GETPALETTE ioctl. | |||||
| CVE-2002-0666 | 6 Apple, Freebsd, Frees Wan and 3 more | 12 Mac Os X, Mac Os X Server, Freebsd and 9 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors. | |||||
| CVE-2000-1066 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname. | |||||
| CVE-2002-0574 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 5.0 MEDIUM | N/A |
| Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed. | |||||
| CVE-2002-0829 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
| Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. | |||||