Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Freebsd
(Freebsd)Repositories |
• https://github.com/file/file
• https://github.com/torvalds/linux • https://github.com/php/php-src • https://github.com/libarchive/libarchive |
#Vulnerabilities | 478 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-08-30 | CVE-2019-5611 | In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguous. Extra checks in the IPv6 stack could catch the error condition and trigger a kernel panic, leading to a remote denial of service. | Freebsd, Clustered_data_ontap | 7.5 | ||
2019-08-30 | CVE-2019-5610 | In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. A remote user could cause an out-of-bounds read or trigger a crash of the software such as bsnmpd resulting in a denial of service. | Freebsd, Clustered_data_ontap | 7.5 | ||
2019-08-30 | CVE-2019-5612 | In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A multi-threaded program can exploit races in the handler to copy out kernel memory outside the boundaries of midistat's data buffer. | Freebsd, Clustered_data_ontap | 7.5 | ||
2021-03-26 | CVE-2020-7463 | In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket. The use-after-free situation may result in unintended kernel behaviour including a kernel panic. | Icloud, Ipados, Iphone_os, Itunes, Macos, Safari, Tvos, Watchos, Freebsd | 5.5 | ||
2008-10-20 | CVE-2008-4609 | The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. | Bsd, Bsd_os, Catalyst_blade_switch_3020_firmware, Catalyst_blade_switch_3120_firmware, Catalyst_blade_switch_3120x_firmware, Ios, Dragonflybsd, Freebsd, Linux_kernel, Windows_2000, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp, Midnightbsd, Netbsd, Openbsd, Solaris, Trustedbsd | N/A | ||
1996-04-18 | CVE-1999-0078 | pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. | Bsd_os, Freebsd, Hp\-Ux, Aix, Mp\-Ras, Up\-Ux_v, Nextstep, Openserver, Unixware, Irix, Sunos | N/A | ||
1996-06-26 | CVE-1999-0138 | The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. | A_ux, Osf_1, Freebsd, Hp\-Ux, Aix, Linux_kernel, Asl_ux_4800, Ews\-Ux_v, Up\-Ux_v | N/A | ||
1996-07-24 | CVE-1999-0023 | Local user gains root privileges via buffer overflow in rdist, via lookup() function. | Bsd_os, Freebsd, Aix, Inet, Internet_faststart, Open_desktop, Openserver, Tcp_ip, Unixware, Sunos | N/A | ||
1996-12-03 | CVE-1999-0129 | Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. | Bsd_os, Sendmail, Freebsd, Hp\-Ux, Aix, Internet_faststart, Openserver, Solaris, Sunos | N/A | ||
1996-12-12 | CVE-1999-0297 | Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. | Bsd_os, Freebsd, Netbsd, Vixie_cron, Linux | N/A |