Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freebsd vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2001-0061
procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains acces...
Freebsd Freebsd 3.5.1
Freebsd Freebsd 4.1
Freebsd Freebsd 4.1.1
Freebsd Freebsd 4.2
2.1
CVSSv2
CVE-2014-3873
The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3-BETA1 before p1 uses an incorrect page fault kernel trace entry size, which allows local users to obtain sensitive information from kernel memory via a kernel process trace.
Freebsd Freebsd 9.3
Freebsd Freebsd 9.2
Freebsd Freebsd 9.1
Freebsd Freebsd 8.4
4.9
CVSSv2
CVE-2008-0777
The sendfile system call in FreeBSD 5.5 up to and including 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.
Freebsd Freebsd 7.0
Freebsd Freebsd 6.2
Freebsd Freebsd 5.5
Freebsd Freebsd 6.3
4.9
CVSSv2
CVE-2014-3952
FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize the buffer between the header and data of a control message, which allows local users to obtain sensitive information from kernel memory via unspecified vectors.
Freebsd Freebsd 9.1
Freebsd Freebsd 8.4
Freebsd Freebsd 10.0
Freebsd Freebsd 9.2
4.9
CVSSv2
CVE-2014-3953
FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via a (1) SCTP_SNDRCV, (2) SCTP_EXTRCV, or (3) SCTP_RCVINFO SCTP cmsg or a ...
Freebsd Freebsd 9.2
Freebsd Freebsd 9.1
Freebsd Freebsd 10.0
Freebsd Freebsd 8.4
7.2
CVSSv2
CVE-2020-7467
In FreeBSD 12.2-STABLE before r365767, 11.4-STABLE before r365769, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a number of AMD virtualization instructions operate on host physical addresses, are not subject to nested page table translation, and gue...
Freebsd Freebsd 11.3
Freebsd Freebsd 11.4
Freebsd Freebsd 12.1
Freebsd Freebsd 12.2
7.2
CVSSv2
CVE-2001-1180
FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child.
Freebsd Freebsd 4.0
Freebsd Freebsd 4.1
Freebsd Freebsd 4.2
Freebsd Freebsd 4.3
4.3
CVSSv2
CVE-2011-1739
The makemask function in mountd.c in mountd in FreeBSD 7.4 up to and including 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote malicious users to bypass intended access restrictio...
Freebsd Freebsd 7.4
Freebsd Freebsd 8.0
Freebsd Freebsd 8.1
Freebsd Freebsd 8.2
2.1
CVSSv2
CVE-2002-0831
The kqueue mechanism in FreeBSD 4.3 up to and including 4.6 STABLE allows local users to cause a denial of service (kernel panic) via a pipe call in which one end is terminated and an EVFILT_WRITE filter is registered for the other end.
Freebsd Freebsd 4.6
Freebsd Freebsd 4.4
Freebsd Freebsd 4.5
Freebsd Freebsd 4.3
7.2
CVSSv2
CVE-2019-5603
In FreeBSD 12.0-STABLE before r350261, 12.0-RELEASE prior to 12.0-RELEASE-p8, 11.3-STABLE before r350263, 11.3-RELEASE prior to 11.3-RELEASE-p1, and 11.2-RELEASE prior to 11.2-RELEASE-p12, system calls operating on file descriptors as part of mqueuefs did not properly release the...
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
Freebsd Freebsd 11.0
Freebsd Freebsd 11.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »