Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freebsd freebsd 10 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-1415
The bsdinstall installer in FreeBSD 10.x prior to 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file.
Freebsd Freebsd 10.0
Freebsd Freebsd
Freebsd Freebsd 10.1
NA
CVE-2015-1414
Integer overflow in FreeBSD prior to 8.4 p24, 9.x prior to 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote malicious users to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory...
Netgate Pfsense 2.2.1
Debian Debian Linux 7.0
Freebsd Freebsd 8.4
Freebsd Freebsd 9.0
Freebsd Freebsd 9.1
Freebsd Freebsd 9.2
Freebsd Freebsd 10.1
Freebsd Freebsd 9.3
Freebsd Freebsd 10.0
NA
CVE-2014-8612
Multiple array index errors in the Stream Control Transmission Protocol (SCTP) module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to (1) gain privileges via the stream id to the setsockopt function, when setting the SCTIP_SS_VAL...
Freebsd Freebsd 8.4
Freebsd Freebsd 9.3
Freebsd Freebsd 10.0
Freebsd Freebsd 10.1
1 EDB exploit
NA
CVE-2014-0998
Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service (crash) and possibly gain privileges via a negative value in a VT_WAITACTIVE ioctl call, which triggers an array index...
Freebsd Freebsd 10.1
1 EDB exploit
NA
CVE-2014-8613
The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote malicious users to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted RE_CONFIG chunk.
Freebsd Freebsd 9.3
Freebsd Freebsd 8.4
Freebsd Freebsd 10.1
NA
CVE-2014-7250
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote malicious users to cause a denial of service (resource consumption) via crafted packets.
Openbsd Openbsd 3.6
Netbsd Netbsd 2.0
Freebsd Freebsd 5.4
Bsd Bsd 4.3
NA
CVE-2014-8517
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 up to and including 5.1.4, 5.2 up to and including 5.2.2, 6.0 up to and including 6.0.6, and 6.1 up to and including 6.1.5 allows remote malicious users to execute arbitrary commands via a | (pipe) char...
Apple Mac Os X 10.10.1
Apple Mac Os X 10.10.0
Apple Mac Os X 10.9.5
Apple Mac Os X 10.8.5
Netbsd Netbsd 5.1.3
Netbsd Netbsd 5.1.4
Netbsd Netbsd 5.2
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.1.5
Netbsd Netbsd 5.1
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 5.2.1
Netbsd Netbsd 5.2.2
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1
Netbsd Netbsd 5.1.1
Netbsd Netbsd 5.1.2
Netbsd Netbsd 6.0.2
2 EDB exploits
1 Github repository
1 Article
NA
CVE-2014-8476
The setlogin function in FreeBSD 8.4 up to and including 10.1-RC4 does not initialize the buffer used to store the login name, which allows local users to obtain sensitive information from kernel memory via a call to getlogin, which returns the entire buffer.
Freebsd Freebsd 10.1
Freebsd Freebsd 10.0
Freebsd Freebsd 8.4
Freebsd Freebsd 9.0
Freebsd Freebsd 9.2
Freebsd Freebsd 9.1
Freebsd Freebsd 9.3
NA
CVE-2014-3711
namei in FreeBSD 9.1 up to and including 10.1-RC2 allows remote malicious users to cause a denial of service (memory exhaustion) via vectors that trigger a sandboxed process to look up a large number of nonexistent path names.
Freebsd Freebsd 9.2
Freebsd Freebsd 10.1
Freebsd Freebsd 9.1
Freebsd Freebsd 9.3
Freebsd Freebsd 10.0
NA
CVE-2014-3952
FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize the buffer between the header and data of a control message, which allows local users to obtain sensitive information from kernel memory via unspecified vectors.
Freebsd Freebsd 9.1
Freebsd Freebsd 8.4
Freebsd Freebsd 10.0
Freebsd Freebsd 9.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »