Filtered by vendor Freebsd
Subscriptions
Total
558 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1471 | 6 Cvs, Freebsd, Gentoo and 3 more | 6 Cvs, Freebsd, Linux and 3 more | 2025-04-03 | N/A |
| Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. | ||||
| CVE-2005-0109 | 5 Freebsd, Redhat, Sco and 2 more | 9 Freebsd, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-03 | N/A |
| Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. | ||||
| CVE-2005-0610 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file. | ||||
| CVE-2005-1126 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not properly clear a buffer before using it, which allows local users to obtain portions of sensitive kernel memory. | ||||
| CVE-2005-1399 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions for the /dev/iir device, which allows local users to execute restricted ioctl calls to read or modify data on hardware that is controlled by the iir driver. | ||||
| CVE-2005-1400 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 allows local users to access sensitive kernel memory via arguments with negative or very large values. | ||||
| CVE-2005-2068 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| FreeBSD 4.x through 4.11 and 5.x through 5.4 allows remote attackers to modify certain TCP options via a TCP packet with the SYN flag set for an already established session. | ||||
| CVE-2005-2218 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The device file system (devfs) in FreeBSD 5.x does not properly check parameters of the node type when creating a device node, which makes hidden devices available to attackers, who can then bypass restrictions on a jailed process. | ||||
| CVE-2005-2359 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session. | ||||
| CVE-2006-0054 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 5.3 Medium |
| The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to cause a denial of service (firewall crash) via ICMP IP fragments that match a reset, reject or unreach action, which leads to an access of an uninitialized pointer. | ||||
| CVE-2006-0379 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory. | ||||
| CVE-2006-0380 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory. | ||||
| CVE-2006-0381 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice. | ||||
| CVE-2006-0433 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service (infinite loop). | ||||
| CVE-2006-0883 | 2 Freebsd, Openbsd | 2 Freebsd, Openssh | 2025-04-03 | N/A |
| OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting. | ||||
| CVE-2006-0900 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial of service via a crafted NFS mount request, as demonstrated by the ProtoVer NFS test suite. | ||||
| CVE-2006-1283 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root account and possibly gain root privileges if a root shell is permitted by the configuration of the wheel group or sshd. | ||||
| CVE-2006-2654 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. NOTE: this is similar to CVE-2006-1864, but this is a different implementation of smbfs, so it has a different CVE identifier. | ||||
| CVE-2006-2655 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions. | ||||
| CVE-2006-4178 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| Integer signedness error in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) via unspecified arguments that use negative signed integers to cause the bzero function to be called with a large length parameter, a different vulnerability than CVE-2006-4172. | ||||