Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freebsd vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2010-4210
The pfs_getextattr function in FreeBSD 7.x prior to 7.3-RELEASE and 8.x prior to 8.0-RC1 unlocks a mutex that was not previously locked, which allows local users to cause a denial of service (kernel panic), overwrite arbitrary memory locations, and possibly execute arbitrary code...
Freebsd Freebsd
Freebsd Freebsd 8.0
1 EDB exploit
7.8
CVSSv3
CVE-2005-1036
FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privilege...
Freebsd Freebsd
7.6
CVSSv3
CVE-2020-7467
In FreeBSD 12.2-STABLE before r365767, 11.4-STABLE before r365769, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a number of AMD virtualization instructions operate on host physical addresses, are not subject to nested page table translation, and gue...
Freebsd Freebsd 11.3
Freebsd Freebsd 11.4
Freebsd Freebsd 12.1
Freebsd Freebsd 12.2
7.5
CVSSv3
CVE-2023-6534
In versions of FreeBSD 14.0-RELEASE prior to 14-RELEASE-p2, FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p9, the pf(4) packet filter incorrectly validates TCP sequence numbers. This could allow a malicious actor to execute a denial-...
Freebsd Freebsd 12.4
Freebsd Freebsd 13.2
Freebsd Freebsd 14.0
7.5
CVSSv3
CVE-2023-5978
In versions of FreeBSD 13-RELEASE prior to 13-RELEASE-p5, under certain circumstances the cap_net libcasper(3) service incorrectly validates that updated constraints are strictly subsets of the active constraints. When only a list of resolvable domain names was specified without ...
Freebsd Freebsd 13.2
Freebsd Freebsd
7.5
CVSSv3
CVE-2023-4809
In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. That is, a packet with multiple fragment extension headers would not be recognized as the correct ul...
Freebsd Freebsd 12.4
Freebsd Freebsd
Freebsd Freebsd 13.2
7.5
CVSSv3
CVE-2023-3107
A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field. This allows an malicious user to trigger a kernel panic, resulting in a denial of service.
Freebsd Freebsd 12.4
Freebsd Freebsd 13.1
Freebsd Freebsd 13.2
Netapp Clustered Data Ontap 9.0
7.5
CVSSv3
CVE-2022-32264
sys/netinet/tcp_timer.h in FreeBSD prior to 7.0 contains a denial-of-service (DoS) vulnerability due to improper handling of TSopt on TCP connections. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Freebsd Freebsd
7.5
CVSSv3
CVE-2021-29632
In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before r370674, 13.0-RELEASE before p6, and 12.2-RELEASE before p12, certain conditions involving use of the highlight buffer while text is scrolling on the console, console data may overwrite data structures associa...
Freebsd Freebsd 12.2
Freebsd Freebsd 13.0
7.5
CVSSv3
CVE-2010-4816
It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service.
Openbsd Openbsd 4.6
Openbsd Openbsd 4.9
Openbsd Openbsd 6.3
Openbsd Openbsd 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »