Filtered by vendor Freebsd
Subscriptions
Total
568 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-7252 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-11 | N/A |
| Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which triggers a memory allocation of one byte. | ||||
| CVE-2014-1452 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| Stack-based buffer overflow in lib/snmpagent.c in bsnmpd, as used in FreeBSD 8.3 through 10.0, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted GETBULK PDU request. | ||||
| CVE-2013-6833 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| The qls_eioctl function in sys/dev/qlxge/qls_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. | ||||
| CVE-2013-5710 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| The nullfs implementation in sys/fs/nullfs/null_vnops.c in the kernel in FreeBSD 8.3 through 9.2 allows local users with certain permissions to bypass access restrictions via a hardlink in a nullfs instance to a file in a different instance. | ||||
| CVE-2013-6832 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| The nand_ioctl function in sys/dev/nand/nand_geom.c in the nand driver in the kernel in FreeBSD 10 and earlier does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. | ||||
| CVE-2013-6834 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| The ql_eioctl function in sys/dev/qlxgbe/ql_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. | ||||
| CVE-2013-3266 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| The nfsrvd_readdir function in sys/fs/nfsserver/nfs_nfsdport.c in the new NFS server in FreeBSD 8.0 through 9.1-RELEASE-p3 does not verify that a READDIR request is for a directory node, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by specifying a plain file instead of a directory. | ||||
| CVE-2010-4666 | 1 Freebsd | 1 Libarchive | 2025-04-11 | N/A |
| Buffer overflow in libarchive 3.0 pre-release code allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CAB file, which is not properly handled during the reading of Huffman code data within LZX compressed data. | ||||
| CVE-2013-3077 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| Multiple integer overflows in the IP_MSFILTER and IPV6_MSFILTER features in (1) sys/netinet/in_mcast.c and (2) sys/netinet6/in6_mcast.c in the multicast implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE allow local users to bypass intended restrictions on kernel-memory read and write operations, and consequently gain privileges, via vectors involving a large number of source-filter entries. | ||||
| CVE-2013-4851 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| The vfs_hang_addrlist function in sys/kern/vfs_export.c in the NFS server implementation in the kernel in FreeBSD 8.3 and 9.x through 9.1-RELEASE-p5 controls authorization for host/subnet export entries on the basis of group information sent by the client, which allows remote attackers to bypass file permissions on NFS filesystems via crafted requests. | ||||
| CVE-2010-2693 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service (system file corruption) and gain privileges via the sendfile system call. | ||||
| CVE-2010-2022 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read, modify, or create arbitrary files via standard filesystem operations. | ||||
| CVE-2011-0343 | 3 Freebsd, Hp, Oneidentity | 3 Freebsd, Hp-ux, Syslog-ng | 2025-04-11 | N/A |
| Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files. | ||||
| CVE-2010-2020 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allows local users to gain privileges via a crafted mount request. | ||||
| CVE-2012-4578 | 2 Freebsd, Pawel Jakub Dawidek | 2 Freebsd, Geli | 2025-04-11 | N/A |
| The geli encryption provider 7 before r239184 on FreeBSD 10 uses a weak Master Key, which makes it easier for local users to defeat a cryptographic protection mechanism via a brute-force attack. | ||||
| CVE-2011-1739 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request. | ||||
| CVE-2011-1777 | 2 Freebsd, Redhat | 2 Libarchive, Enterprise Linux | 2025-04-11 | N/A |
| Multiple buffer overflows in the (1) heap_add_entry and (2) relocate_dir functions in archive_read_support_format_iso9660.c in libarchive through 2.8.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ISO9660 image. | ||||
| CVE-2011-1779 | 1 Freebsd | 1 Libarchive | 2025-04-11 | N/A |
| Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted (1) TAR archive or (2) ISO9660 image. | ||||
| CVE-2013-5666 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| The sendfile system-call implementation in sys/kern/uipc_syscalls.c in the kernel in FreeBSD 9.2-RC1 and 9.2-RC2 does not properly pad transmissions, which allows local users to obtain sensitive information (kernel memory) via a length greater than the length of the file. | ||||
| CVE-2010-0318 | 1 Freebsd | 1 Freebsd | 2025-04-09 | N/A |
| The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, and 8.0, when creating files during replay of a setattr transaction, uses 7777 permissions instead of the original permissions, which might allow local users to read or modify unauthorized files in opportunistic circumstances after a system crash or power failure. | ||||