Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freebsd freebsd vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2002-1125
FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and previous versions, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.
Freebsd Freebsd 4.5
Freebsd Freebsd 4.6
Freebsd Freebsd 4.2
Freebsd Freebsd 4.3
Freebsd Freebsd 4.4
4 EDB exploits
7.2
CVSSv2
CVE-2000-0998
Format string vulnerability in top program allows local malicious users to gain root privileges via the "kill" or "renice" function.
Freebsd Freebsd 4.0
Freebsd Freebsd 4.1
Freebsd Freebsd 4.1.1
Freebsd Freebsd 3.5.1
Freebsd Freebsd 3.5
2 EDB exploits
1 Github repository
2.1
CVSSv2
CVE-2008-0216
The ptsname function in FreeBSD 6.0 up to and including 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the pt_chown function, which might allow local users to read data from the pty from another us...
Freebsd Freebsd 6.1
Freebsd Freebsd 7.0
Freebsd Freebsd 6.0
Freebsd Freebsd 6.2
Freebsd Freebsd 6.3
7.2
CVSSv2
CVE-2010-2693
FreeBSD 7.1 up to and including 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service (system file corruption) and gain privileges via the sendfile system call.
Freebsd Freebsd 7.1
Freebsd Freebsd 7.2
Freebsd Freebsd 7.3
Freebsd Freebsd 8.0
Freebsd Freebsd 8.1
1 EDB exploit
5
CVSSv2
CVE-2016-1888
The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote malicious users to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation failures."
Freebsd Freebsd 10.2
Freebsd Freebsd 9.3
Freebsd Freebsd 11.0
Freebsd Freebsd 10.1
Freebsd Freebsd 10.3
5
CVSSv2
CVE-2014-3711
namei in FreeBSD 9.1 up to and including 10.1-RC2 allows remote malicious users to cause a denial of service (memory exhaustion) via vectors that trigger a sandboxed process to look up a large number of nonexistent path names.
Freebsd Freebsd 9.2
Freebsd Freebsd 10.1
Freebsd Freebsd 9.1
Freebsd Freebsd 9.3
Freebsd Freebsd 10.0
10
CVSSv2
CVE-2014-3954
Stack-based buffer overflow in rtsold in FreeBSD 9.1 up to and including 10.1-RC2 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via crafted DNS parameters in a router advertisement message.
Freebsd Freebsd 9.2
Freebsd Freebsd 10.1
Freebsd Freebsd 9.1
Freebsd Freebsd 9.3
Freebsd Freebsd 10.0
4.7
CVSSv2
CVE-2009-4358
freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory (/var/db/freebsd-update by default), which allows local users to read copies of sensitive files after a (1) freebsd-update fetch (fetch) or (2) freebsd-update upgrade (upgrade...
Freebsd Freebsd 8.0
Freebsd Freebsd 7.2
Freebsd Freebsd 7.1
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3
4.9
CVSSv2
CVE-2009-1436
The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file.
Freebsd Freebsd 7.2
Freebsd Freebsd 7.1
Freebsd Freebsd 7.0
Freebsd Freebsd 6.3
Freebsd Freebsd 6.4
1 EDB exploit
1 Article
4.9
CVSSv2
CVE-2009-1935
Integer overflow in the pipe_build_write_buffer function (sys/kern/sys_pipe.c) in the direct write optimization feature in the pipe implementation in FreeBSD 7.1 up to and including 7.2 and 6.3 up to and including 6.4 allows local users to bypass virtual-to-physical address looku...
Freebsd Freebsd 7.1
Freebsd Freebsd 7.2
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3
Freebsd Freebsd 6.3 Releng
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »