Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freebsd freebsd 10.0 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2015-1415
The bsdinstall installer in FreeBSD 10.x prior to 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file.
Freebsd Freebsd 10.0
Freebsd Freebsd
Freebsd Freebsd 10.1
4.6
CVSSv2
CVE-2014-8612
Multiple array index errors in the Stream Control Transmission Protocol (SCTP) module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to (1) gain privileges via the stream id to the setsockopt function, when setting the SCTIP_SS_VAL...
Freebsd Freebsd 8.4
Freebsd Freebsd 9.3
Freebsd Freebsd 10.0
Freebsd Freebsd 10.1
1 EDB exploit
4.9
CVSSv2
CVE-2014-3952
FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize the buffer between the header and data of a control message, which allows local users to obtain sensitive information from kernel memory via unspecified vectors.
Freebsd Freebsd 9.1
Freebsd Freebsd 8.4
Freebsd Freebsd 10.0
Freebsd Freebsd 9.2
4.9
CVSSv2
CVE-2014-3953
FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via a (1) SCTP_SNDRCV, (2) SCTP_EXTRCV, or (3) SCTP_RCVINFO SCTP cmsg or a ...
Freebsd Freebsd 9.2
Freebsd Freebsd 9.1
Freebsd Freebsd 10.0
Freebsd Freebsd 8.4
4.9
CVSSv2
CVE-2014-3880
The (1) execve and (2) fexecve system calls in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 10.0 before p4 destroys the virtual memory address space and mappings for a process before all threads have terminated, which allows local users to cause a denial ...
Freebsd Freebsd 10.0
Freebsd Freebsd 9.2
Freebsd Freebsd 9.1
Freebsd Freebsd 8.4
4.3
CVSSv2
CVE-2014-8475
FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos support, uses incorrect library ordering when linking sshd, which causes symbols to be resolved incorrectly and allows remote malicious users to cause a denial of service (sshd deadlock and prevention of new connect...
Freebsd Freebsd 9.1
Freebsd Freebsd 9.2
Freebsd Freebsd 10.0
9.3
CVSSv2
CVE-2015-1416
Larry Wall's patch; patch in FreeBSD 10.2-RC1 prior to 10.2-RC1-p1, 10.2 prior to 10.2-BETA2-p2, and 10.1 prior to 10.1-RELEASE-p16; Bitrig; GNU patch prior to 2.2.5; and possibly other patch variants allow remote malicious users to execute arbitrary shell commands via a cra...
Freebsd Freebsd 10.1
Freebsd Freebsd 10.0
Freebsd Freebsd 10.2
10
CVSSv2
CVE-2014-3954
Stack-based buffer overflow in rtsold in FreeBSD 9.1 up to and including 10.1-RC2 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via crafted DNS parameters in a router advertisement message.
Freebsd Freebsd 9.2
Freebsd Freebsd 10.1
Freebsd Freebsd 9.1
Freebsd Freebsd 9.3
Freebsd Freebsd 10.0
5
CVSSv2
CVE-2014-3711
namei in FreeBSD 9.1 up to and including 10.1-RC2 allows remote malicious users to cause a denial of service (memory exhaustion) via vectors that trigger a sandboxed process to look up a large number of nonexistent path names.
Freebsd Freebsd 9.2
Freebsd Freebsd 10.1
Freebsd Freebsd 9.1
Freebsd Freebsd 9.3
Freebsd Freebsd 10.0
7.8
CVSSv2
CVE-2014-3000
The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote malicious users to cause a denial of service (undefined memory access and system crash) or possibly read system memory via mult...
Freebsd Freebsd 9.1
Freebsd Freebsd 8.3
Freebsd Freebsd 9.2
Freebsd Freebsd 10.0
Freebsd Freebsd 8.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »