Filtered by vendor Freebsd
Subscriptions
Total
530 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1436 | 1 Freebsd | 1 Freebsd | 2016-11-28 | N/A |
| The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file. | ||||
| CVE-2002-1125 | 1 Freebsd | 1 Freebsd | 2016-10-18 | N/A |
| FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory. | ||||
| CVE-2002-0973 | 1 Freebsd | 1 Freebsd | 2016-10-18 | N/A |
| Integer signedness error in several system calls for FreeBSD 4.6.1 RELEASE-p10 and earlier may allow attackers to access sensitive kernel memory via large negative values to the (1) accept, (2) getsockname, and (3) getpeername system calls, and the (4) vesa FBIO_GETPALETTE ioctl. | ||||
| CVE-2002-0831 | 1 Freebsd | 1 Freebsd | 2016-10-18 | N/A |
| The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local users to cause a denial of service (kernel panic) via a pipe call in which one end is terminated and an EVFILT_WRITE filter is registered for the other end. | ||||
| CVE-2002-0829 | 1 Freebsd | 1 Freebsd | 2016-10-18 | N/A |
| Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. | ||||
| CVE-2002-0820 | 1 Freebsd | 1 Freebsd | 2016-10-18 | N/A |
| FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 after they have already been assigned to /dev/null when the descriptors reference procfs or linprocfs, which could allow local users to reuse the file descriptors in a setuid or setgid program to modify critical data and gain privileges. | ||||
| CVE-2002-0701 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2016-10-18 | N/A |
| ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges. | ||||
| CVE-2001-0424 | 2 Freebsd, Timecop | 2 Freebsd, Bubblemon | 2016-10-18 | N/A |
| BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id. | ||||
| CVE-1999-1517 | 1 Freebsd | 1 Freebsd | 2016-10-18 | N/A |
| runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user to overwrite or read arbitrary files by providing the target files to runtar. | ||||
| CVE-1999-1385 | 1 Freebsd | 1 Freebsd | 2016-10-18 | N/A |
| Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable. | ||||
| CVE-1999-1339 | 2 Freebsd, Linux | 2 Freebsd, Linux Kernel | 2016-10-18 | N/A |
| Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command. | ||||
| CVE-1999-1008 | 2 Freebsd, Mandrakesoft | 2 Freebsd, Mandrake Linux | 2016-10-18 | N/A |
| xsoldier program allows local users to gain root access via a long argument. | ||||
| CVE-1999-0798 | 5 Bsdi, Freebsd, Openbsd and 2 more | 7 Bsd Os, Freebsd, Openbsd and 4 more | 2016-10-18 | N/A |
| Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. | ||||
| CVE-1999-0782 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2016-10-18 | N/A |
| KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. | ||||
| CVE-1999-0781 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2016-10-18 | N/A |
| KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. | ||||
| CVE-1999-0780 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2016-10-18 | N/A |
| KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. | ||||
| CVE-2016-1887 | 1 Freebsd | 1 Freebsd | 2016-05-26 | N/A |
| Integer signedness error in the sockargs function in sys/kern/uipc_syscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service (memory overwrite and kernel panic) or gain privileges via a negative buflen argument, which triggers a heap-based buffer overflow. | ||||
| CVE-2014-8611 | 2 Apple, Freebsd | 3 Iphone Os, Mac Os X, Freebsd | 2016-04-06 | N/A |
| The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application. | ||||
| CVE-2016-1882 | 1 Freebsd | 1 Freebsd | 2016-03-02 | N/A |
| FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9 allow remote attackers to cause a denial of service (kernel crash) via vectors related to creating a TCP connection with the TCP_MD5SIG and TCP_NOOPT socket options. | ||||
| CVE-2014-8613 | 1 Freebsd | 1 Freebsd | 2015-02-04 | N/A |
| The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted RE_CONFIG chunk. | ||||