Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freebsd vulnerabilities and exploits
(subscribe to this query)
418
VMScore
CVE-2009-4358
freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory (/var/db/freebsd-update by default), which allows local users to read copies of sensitive files after a (1) freebsd-update fetch (fetch) or (2) freebsd-update upgrade (upgrade...
Freebsd Freebsd 8.0
Freebsd Freebsd 7.2
Freebsd Freebsd 7.1
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3
668
VMScore
CVE-2016-6559
Improper bounds checking of the obuf variable in the link_ntoa() function in linkaddr.c of the BSD libc library may allow an malicious user to read or write from memory. The full impact and severity depends on the method of exploit and how the library is used by applications. Acc...
Freebsd Freebsd 10.1
Freebsd Freebsd 10.3
Freebsd Freebsd 11.0
Freebsd Freebsd 9.3
Freebsd Freebsd 10.2
445
VMScore
CVE-2016-1888
The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote malicious users to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation failures."
Freebsd Freebsd 10.2
Freebsd Freebsd 9.3
Freebsd Freebsd 11.0
Freebsd Freebsd 10.1
Freebsd Freebsd 10.3
641
VMScore
CVE-2000-0235
Buffer overflow in the huh program in the orville-write package allows local users to gain root privileges.
Freebsd Freebsd 3.0
Freebsd Freebsd 3.3
Freebsd Freebsd 3.4
Freebsd Freebsd 3.1
Freebsd Freebsd 3.2
495
VMScore
CVE-2009-1436
The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file.
Freebsd Freebsd 7.2
Freebsd Freebsd 7.1
Freebsd Freebsd 7.0
Freebsd Freebsd 6.3
Freebsd Freebsd 6.4
1 EDB exploit
1 Article
725
VMScore
CVE-2011-4062
Buffer overflow in the kernel in FreeBSD 7.3 up to and including 9.0-RC1 allows local users to cause a denial of service (panic) or possibly gain privileges via a bind system call with a long pathname for a UNIX socket.
Freebsd Freebsd 9.0
Freebsd Freebsd 8.1
Freebsd Freebsd 8.2
Freebsd Freebsd 7.3
Freebsd Freebsd 7.4
1 EDB exploit
694
VMScore
CVE-2014-3000
The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote malicious users to cause a denial of service (undefined memory access and system crash) or possibly read system memory via mult...
Freebsd Freebsd 9.1
Freebsd Freebsd 8.3
Freebsd Freebsd 9.2
Freebsd Freebsd 10.0
Freebsd Freebsd 8.4
436
VMScore
CVE-2009-1935
Integer overflow in the pipe_build_write_buffer function (sys/kern/sys_pipe.c) in the direct write optimization feature in the pipe implementation in FreeBSD 7.1 up to and including 7.2 and 6.3 up to and including 6.4 allows local users to bypass virtual-to-physical address looku...
Freebsd Freebsd 7.1
Freebsd Freebsd 7.2
Freebsd Freebsd 6.4
Freebsd Freebsd 6.3
Freebsd Freebsd 6.3 Releng
445
VMScore
CVE-2014-3711
namei in FreeBSD 9.1 up to and including 10.1-RC2 allows remote malicious users to cause a denial of service (memory exhaustion) via vectors that trigger a sandboxed process to look up a large number of nonexistent path names.
Freebsd Freebsd 9.2
Freebsd Freebsd 10.1
Freebsd Freebsd 9.1
Freebsd Freebsd 9.3
Freebsd Freebsd 10.0
725
VMScore
CVE-2008-5736
Multiple unspecified vulnerabilities in FreeBSD 6 prior to 6.4-STABLE, 6.3 prior to 6.3-RELEASE-p7, 6.4 prior to 6.4-RELEASE-p1, 7.0 prior to 7.0-RELEASE-p7, 7.1 prior to 7.1-RC2, and 7 prior to 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors relate...
Freebsd Freebsd 6.0
Freebsd Freebsd 6.3
Freebsd Freebsd 7.0
Freebsd Freebsd 7.1
Freebsd Freebsd 6.4
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »