Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freebsd freebsd 13.2 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-5941
In versions of FreeBSD 12.4-RELEASE before 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE before 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an er...
Freebsd Freebsd 12.4
Freebsd Freebsd
Freebsd Freebsd 13.2
9.8
CVSSv3
CVE-2023-3326
pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KDC (Key Distribution Center) over the network, as a way to verify the password. However, if a keytab is not provisioned on the system, pam_krb5 ...
Freebsd Freebsd 12.4
Freebsd Freebsd 13.1
Freebsd Freebsd
Freebsd Freebsd 13.2
8.8
CVSSv3
CVE-2023-3494
The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer o...
Freebsd Freebsd 13.1
Freebsd Freebsd 13.2
7.5
CVSSv3
CVE-2023-6534
In versions of FreeBSD 14.0-RELEASE prior to 14-RELEASE-p2, FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p9, the pf(4) packet filter incorrectly validates TCP sequence numbers. This could allow a malicious actor to execute a denial-...
Freebsd Freebsd 12.4
Freebsd Freebsd 13.2
Freebsd Freebsd 14.0
7.5
CVSSv3
CVE-2023-5978
In versions of FreeBSD 13-RELEASE prior to 13-RELEASE-p5, under certain circumstances the cap_net libcasper(3) service incorrectly validates that updated constraints are strictly subsets of the active constraints. When only a list of resolvable domain names was specified without ...
Freebsd Freebsd 13.2
Freebsd Freebsd
7.5
CVSSv3
CVE-2023-4809
In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. That is, a packet with multiple fragment extension headers would not be recognized as the correct ul...
Freebsd Freebsd 12.4
Freebsd Freebsd
Freebsd Freebsd 13.2
7.5
CVSSv3
CVE-2023-3107
A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field. This allows an malicious user to trigger a kernel panic, resulting in a denial of service.
Freebsd Freebsd 12.4
Freebsd Freebsd 13.1
Freebsd Freebsd 13.2
Netapp Clustered Data Ontap 9.0
7.1
CVSSv3
CVE-2023-5369
Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the system call must additionally require the CAP_SEEK capab...
Freebsd Freebsd 13.2
6.5
CVSSv3
CVE-2023-6660
When a program running on an affected system appends data to a file via an NFS client mount, the bug can cause the NFS client to fail to copy in the data to be written but proceed as though the copy operation had succeeded. This means that the data to be written is instead replac...
Freebsd Freebsd 13.2
Freebsd Freebsd 14.0
6.5
CVSSv3
CVE-2023-5368
On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes. This may permit a user with write access t...
Freebsd Freebsd 12.4
Freebsd Freebsd
Freebsd Freebsd 13.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »