Product:

Freebsd

(Freebsd)
Repositories https://github.com/file/file
https://github.com/torvalds/linux
https://github.com/php/php-src
https://github.com/libarchive/libarchive
#Vulnerabilities 478
Date Id Summary Products Score Patch Annotated
2019-08-30 CVE-2019-5611 In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguous. Extra checks in the IPv6 stack could catch the error condition and trigger a kernel panic, leading to a remote denial of service. Freebsd, Clustered_data_ontap 7.5
2019-08-30 CVE-2019-5610 In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. A remote user could cause an out-of-bounds read or trigger a crash of the software such as bsnmpd resulting in a denial of service. Freebsd, Clustered_data_ontap 7.5
2019-08-30 CVE-2019-5612 In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A multi-threaded program can exploit races in the handler to copy out kernel memory outside the boundaries of midistat's data buffer. Freebsd, Clustered_data_ontap 7.5
2021-03-26 CVE-2020-7463 In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket. The use-after-free situation may result in unintended kernel behaviour including a kernel panic. Icloud, Ipados, Iphone_os, Itunes, Macos, Safari, Tvos, Watchos, Freebsd 5.5
2008-10-20 CVE-2008-4609 The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. Bsd, Bsd_os, Catalyst_blade_switch_3020_firmware, Catalyst_blade_switch_3120_firmware, Catalyst_blade_switch_3120x_firmware, Ios, Dragonflybsd, Freebsd, Linux_kernel, Windows_2000, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp, Midnightbsd, Netbsd, Openbsd, Solaris, Trustedbsd N/A
1996-04-18 CVE-1999-0078 pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. Bsd_os, Freebsd, Hp\-Ux, Aix, Mp\-Ras, Up\-Ux_v, Nextstep, Openserver, Unixware, Irix, Sunos N/A
1996-06-26 CVE-1999-0138 The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. A_ux, Osf_1, Freebsd, Hp\-Ux, Aix, Linux_kernel, Asl_ux_4800, Ews\-Ux_v, Up\-Ux_v N/A
1996-07-24 CVE-1999-0023 Local user gains root privileges via buffer overflow in rdist, via lookup() function. Bsd_os, Freebsd, Aix, Inet, Internet_faststart, Open_desktop, Openserver, Tcp_ip, Unixware, Sunos N/A
1996-12-03 CVE-1999-0129 Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. Bsd_os, Sendmail, Freebsd, Hp\-Ux, Aix, Internet_faststart, Openserver, Solaris, Sunos N/A
1996-12-12 CVE-1999-0297 Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. Bsd_os, Freebsd, Netbsd, Vixie_cron, Linux N/A