Filtered by vendor Freebsd
Subscriptions
Filtered by product Freebsd
Subscriptions
Total
576 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2655 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions. | ||||
| CVE-2006-4172 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Integer overflow vulnerability in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2006-4178. | ||||
| CVE-2006-0054 | 1 Freebsd | 1 Freebsd | 2026-04-16 | 5.3 Medium |
| The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to cause a denial of service (firewall crash) via ICMP IP fragments that match a reset, reject or unreach action, which leads to an access of an uninitialized pointer. | ||||
| CVE-2006-1056 | 3 Freebsd, Linux, Redhat | 3 Freebsd, Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels. | ||||
| CVE-2006-0226 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcasting crafted (1) beacon or (2) probe response frames. | ||||
| CVE-2006-1283 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root account and possibly gain root privileges if a root shell is permitted by the configuration of the wheel group or sshd. | ||||
| CVE-2006-0379 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory. | ||||
| CVE-2006-0380 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory. | ||||
| CVE-2006-0381 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice. | ||||
| CVE-2006-0433 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service (infinite loop). | ||||
| CVE-2003-0015 | 3 Cvs, Freebsd, Redhat | 4 Cvs, Freebsd, Enterprise Linux and 1 more | 2026-04-16 | N/A |
| Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands. | ||||
| CVE-2004-0171 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2026-04-16 | N/A |
| FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote attackers to cause a denial of service (resource exhaustion of memory buffers and system crash) via a large number of out-of-sequence TCP packets, which prevents the operating system from creating new connections. | ||||
| CVE-2025-0662 | 1 Freebsd | 1 Freebsd | 2026-04-15 | 4.9 Medium |
| In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of kernel memory being copied out to userspace. It is possible for an unprivileged userspace program to leak 14 bytes of a kernel heap allocation to userspace. | ||||
| CVE-2024-45289 | 1 Freebsd | 1 Freebsd | 2026-04-15 | 7.5 High |
| The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option. Fetch would still connect to a host presenting a certificate included in the revocation file passed to the --crl option. | ||||
| CVE-2025-0373 | 2 Freebsd, Netapp | 2 Freebsd, Ontap | 2026-04-15 | 6 Medium |
| On 64-bit systems, the implementation of VOP_VPTOFH() in the cd9660, tarfs and ext2fs filesystems overflows the destination FID buffer by 4 bytes, a stack buffer overflow. A NFS server that exports a cd9660, tarfs, or ext2fs file system can be made to panic by mounting and accessing the export with an NFS client. Further exploitation (e.g., bypassing file permission checking or remote kernel code execution) is potentially possible, though this has not been demonstrated. In particular, release kernels are compiled with stack protection enabled, and some instances of the overflow are caught by this mechanism, causing a panic. | ||||
| CVE-2024-51565 | 1 Freebsd | 1 Freebsd | 2026-04-15 | 6.5 Medium |
| The hda driver is vulnerable to a buffer over-read from a guest-controlled value. | ||||
| CVE-2024-51566 | 1 Freebsd | 1 Freebsd | 2026-04-15 | 6.5 Medium |
| The NVMe driver queue processing is vulernable to guest-induced infinite loops. | ||||
| CVE-2024-51563 | 1 Freebsd | 1 Freebsd | 2026-04-15 | 6.5 Medium |
| The virtio_vq_recordon function is subject to a time-of-check to time-of-use (TOCTOU) race condition. | ||||
| CVE-2024-41721 | 1 Freebsd | 1 Freebsd | 2026-04-15 | 8.1 High |
| An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the heap, which could potentially lead to an arbitrary write and remote code execution. | ||||
| CVE-2024-45288 | 1 Freebsd | 1 Freebsd | 2026-04-15 | 8.4 High |
| A missing null-termination character in the last element of an nvlist array string can lead to writing outside the allocated buffer. | ||||