Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freebsd vulnerabilities and exploits
(subscribe to this query)
9.6
CVSSv3
CVE-2019-5604
In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE prior to 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE prior to 11.3-RELEASE-p1, and 11.2-RELEASE prior to 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data ...
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
Freebsd Freebsd 11.0
Freebsd Freebsd 11.3
9.1
CVSSv3
CVE-2022-40895
In certain Nedi products, a vulnerability in the web UI of NeDi login & Community login could allow an unauthenticated, remote malicious user to affect the integrity of a device via a User Enumeration vulnerability. The vulnerability is due to insecure design, where a differe...
Nedi Nedi
Nedi Nedi 1.0.7
9.1
CVSSv3
CVE-2021-36159
libfetch prior to 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It do...
Freebsd Libfetch
4 Github repositories
9.1
CVSSv3
CVE-2020-7452
In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE prior to 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE prior to 11.3-RELEASE-p7, incorrect use of a user-controlled pointer in the epair virtual network module allowed vnet jailed privileged users to panic the ho...
Freebsd Freebsd 11.3
Freebsd Freebsd 12.1
9.1
CVSSv3
CVE-2019-5597
In FreeBSD 11.3-PRERELEASE and 12.0-STABLE before r347591, 11.2-RELEASE prior to 11.2-RELEASE-p10, and 12.0-RELEASE prior to 12.0-RELEASE-p4, a bug in the pf IPv6 fragment reassembly logic incorrectly uses the last extension header offset from the last received packet instead of ...
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
9.1
CVSSv3
CVE-2019-0040
On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI). External packets destined to port 111 should be dropped. Due to an information leak vulnerability, responses were being generated from the source address of the management interface ...
Juniper Junos 15.1
Juniper Junos 15.1x53
Juniper Junos 16.1
Juniper Junos 16.2
Juniper Junos 17.1
Juniper Junos 17.2
Juniper Junos 17.3
Juniper Junos 17.4
8.8
CVSSv3
CVE-2023-3494
The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer o...
Freebsd Freebsd 13.1
Freebsd Freebsd 13.2
8.8
CVSSv3
CVE-2020-7468
In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd(8) bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be...
Freebsd Freebsd 11.3
Freebsd Freebsd 12.1
Freebsd Freebsd 11.4
Freebsd Freebsd 12.2
8.8
CVSSv3
CVE-2020-29569
An issue exists in the Linux kernel up to and including 5.10.1, as used with Xen up to and including 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the fr...
Xen Xen
Linux Linux Kernel
Netapp Hci Compute Node Bios -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire \\& Hci Storage Node -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2019-5602
In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE prior to 12.0-RELEASE-p7, 11.3-PRERELEASE before r349629, 11.3-RC3 prior to 11.3-RC3-p1, and 11.2-RELEASE prior to 11.2-RELEASE-p11, a bug in the cdrom driver allows users with read access to the cdrom device to arbitrarily over...
Freebsd Freebsd 11.2
Freebsd Freebsd 11.3
Freebsd Freebsd 12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »