Filtered by vendor Freebsd
Subscriptions
Total
602 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0126 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail. | ||||
| CVE-2002-0824 | 1 Freebsd | 1 Point-to-point Protocol Daemon | 2026-04-16 | N/A |
| BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device. | ||||
| CVE-2003-0466 | 7 Apple, Freebsd, Netbsd and 4 more | 10 Mac Os X, Mac Os X Server, Freebsd and 7 more | 2026-04-16 | 9.8 Critical |
| Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. | ||||
| CVE-2003-1234 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop. | ||||
| CVE-2002-1219 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2026-04-16 | N/A |
| Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). | ||||
| CVE-2002-0830 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop. | ||||
| CVE-1999-0130 | 7 Bsdi, Caldera, Eric Allman and 4 more | 7 Bsd Os, Network Desktop, Sendmail and 4 more | 2026-04-16 | N/A |
| Local users can start Sendmail in daemon mode and gain root privileges. | ||||
| CVE-2001-0424 | 2 Freebsd, Timecop | 2 Freebsd, Bubblemon | 2026-04-16 | N/A |
| BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id. | ||||
| CVE-2001-1034 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter. | ||||
| CVE-1999-0322 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The open() function in FreeBSD allows local attackers to write to arbitrary files. | ||||
| CVE-2002-0572 | 3 Freebsd, Openbsd, Sun | 4 Freebsd, Openbsd, Solaris and 1 more | 2026-04-16 | N/A |
| FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files. | ||||
| CVE-2002-2199 | 1 Freebsd | 1 Advanced Intrusion Detection Environment | 2026-04-16 | N/A |
| The default aide.conf file in Advanced Intrusion Detection Environment (AIDE) before 0.7_1 on FreeBSD before 2002-08-28 does not properly check subdirectories, which could allow local users to bypass detection. | ||||
| CVE-1999-0074 | 4 Freebsd, Linux, Microsoft and 1 more | 4 Freebsd, Linux Kernel, Windows Nt and 1 more | 2026-04-16 | N/A |
| Listening TCP ports are sequentially allocated, allowing spoofing attacks. | ||||
| CVE-2003-0078 | 4 Freebsd, Openbsd, Openssl and 1 more | 6 Freebsd, Openbsd, Openssl and 3 more | 2026-04-16 | N/A |
| ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack." | ||||
| CVE-1999-0037 | 2 Freebsd, Redhat | 2 Freebsd, Linux | 2026-04-16 | N/A |
| Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. | ||||
| CVE-2005-1399 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions for the /dev/iir device, which allows local users to execute restricted ioctl calls to read or modify data on hardware that is controlled by the iir driver. | ||||
| CVE-1999-0855 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Buffer overflow in FreeBSD gdc program. | ||||
| CVE-1999-1385 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable. | ||||
| CVE-1999-1402 | 2 Freebsd, Sun | 3 Freebsd, Solaris, Sunos | 2026-04-16 | N/A |
| The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket. | ||||
| CVE-2002-1915 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2026-04-16 | 5.5 Medium |
| tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. | ||||