Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freebsd freebsd 12.1 vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2020-24718
bhyve, as used in FreeBSD up to and including 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain...
Freebsd Freebsd
Freebsd Freebsd 11.3
Freebsd Freebsd 11.4
Freebsd Freebsd 12.0
Freebsd Freebsd 12.1
Omniosce Omnios
Openindiana Openindiana
Netapp Clustered Data Ontap -
4.6
CVSSv2
CVE-2020-7459
In FreeBSD 12.1-STABLE before r362166, 12.1-RELEASE before p8, 11.4-STABLE before r362167, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, missing length validation code common to mulitple USB network drivers allows a malicious USB device to write beyond the end of an alloca...
Freebsd Freebsd 11.3
Freebsd Freebsd 12.1
Freebsd Freebsd 11.4
4.4
CVSSv2
CVE-2020-7460
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailci...
Freebsd Freebsd 11.3
Freebsd Freebsd 12.1
Freebsd Freebsd 11.4
2 Github repositories
6.8
CVSSv2
CVE-2020-7457
In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV6_2292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application...
Freebsd Freebsd 11.3
Freebsd Freebsd 11.4
Freebsd Freebsd 12.1
7.5
CVSSv2
CVE-2020-7458
In FreeBSD 12.1-STABLE before r362281, 11.4-STABLE before r362281, and 11.4-RELEASE before p1, long values in the user-controlled PATH environment variable cause posix_spawnp to write beyond the end of the heap allocated stack possibly leading to arbitrary code execution.
Freebsd Freebsd 11.4
Freebsd Freebsd 12.1
7.2
CVSSv2
CVE-2020-7456
In FreeBSD 12.1-STABLE before r361918, 12.1-RELEASE before p6, 11.4-STABLE before r361919, 11.3-RELEASE before p10, and 11.4-RC2 before p1, an invalid memory location may be used for HID items if the push/pop level is not restored within the processing of that HID item allowing a...
Freebsd Freebsd 11.3
Freebsd Freebsd 11.4
Freebsd Freebsd 12.1
Netapp Clustered Data Ontap -
2.1
CVSSv2
CVE-2020-13434
SQLite up to and including 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
Sqlite Sqlite
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Freebsd Freebsd 12.0
Freebsd Freebsd 12.1
Freebsd Freebsd 11.4
Freebsd Freebsd
Oracle Outside In Technology 8.5.5
Oracle Communications Network Charging And Control 6.0.1
Oracle Communications Network Charging And Control
Oracle Communications Cloud Native Core Policy 1.14.0
Apple Iphone Os
Apple Watchos
Apple Tvos
Apple Ipados
Apple Icloud
Apple Itunes
2 Github repositories
7.5
CVSSv2
CVE-2020-7454
In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting in modules causing an out of bounds read/write condition if no checking was buil...
Freebsd Freebsd 11.3
Freebsd Freebsd 12.1
Freebsd Freebsd 11.4
2.1
CVSSv2
CVE-2020-7455
In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel (for kernel NAT)...
Freebsd Freebsd 11.3
Freebsd Freebsd 12.1
Freebsd Freebsd 11.4
4.6
CVSSv2
CVE-2019-15878
In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and 11.3-RELEASE before p9, an unprivileged local user can trigger a use-after-free situation due to improper checking in SCTP when an application tries to update an SCTP-AUTH shared key.
Freebsd Freebsd 11.3
Freebsd Freebsd 12.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »