Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freebsd freebsd 11.4 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-25577
In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 rtsold(8) does not verify that the RDNSS option does not extend past the end of the received packet before processing its contents. While ...
Freebsd Freebsd 11.4
Freebsd Freebsd 12.1
Freebsd Freebsd 12.2
9.8
CVSSv3
CVE-2020-25583
In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 when processing a DNSSL option, rtsold(8) decodes domain name labels per an encoding specified in RFC 1035 in which the first octet of eac...
Freebsd Freebsd 11.3
Freebsd Freebsd 11.4
Freebsd Freebsd 12.1
Freebsd Freebsd 12.2
9.8
CVSSv3
CVE-2020-7458
In FreeBSD 12.1-STABLE before r362281, 11.4-STABLE before r362281, and 11.4-RELEASE before p1, long values in the user-controlled PATH environment variable cause posix_spawnp to write beyond the end of the heap allocated stack possibly leading to arbitrary code execution.
Freebsd Freebsd 11.4
Freebsd Freebsd 12.1
9.8
CVSSv3
CVE-2020-7454
In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting in modules causing an out of bounds read/write condition if no checking was buil...
Freebsd Freebsd 11.3
Freebsd Freebsd 12.1
Freebsd Freebsd 11.4
8.8
CVSSv3
CVE-2020-7468
In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd(8) bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be...
Freebsd Freebsd 11.3
Freebsd Freebsd 12.1
Freebsd Freebsd 11.4
Freebsd Freebsd 12.2
8.7
CVSSv3
CVE-2020-25582
In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 when a process, such as jexec(8) or killall(1), calls jail_attach(2) to enter a jail, the jailed root can attach to it using ptrace(2) before the current working d...
Freebsd Freebsd 11.4
Freebsd Freebsd 12.2
8.2
CVSSv3
CVE-2020-24718
bhyve, as used in FreeBSD up to and including 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain...
Freebsd Freebsd
Freebsd Freebsd 11.3
Freebsd Freebsd 11.4
Freebsd Freebsd 12.0
Freebsd Freebsd 12.1
Omniosce Omnios
Openindiana Openindiana
Netapp Clustered Data Ontap -
8.1
CVSSv3
CVE-2021-29630
In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, the ggatec daemon does not validate the size of a response before writing it to a fixed-sized ...
Freebsd Freebsd 11.4
Freebsd Freebsd 12.2
Freebsd Freebsd 13.0
8.1
CVSSv3
CVE-2020-7457
In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV6_2292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application...
Freebsd Freebsd 11.3
Freebsd Freebsd 11.4
Freebsd Freebsd 12.1
7.8
CVSSv3
CVE-2021-29631
In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE before r370399, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE before p13, certain VirtIO-based device models in bhyve failed to handle errors when fetching I/O descript...
Freebsd Freebsd 11.4
Freebsd Freebsd 12.2
Freebsd Freebsd 13.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »