Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Freebsd
(Freebsd)| Repositories |
• https://github.com/file/file
• https://github.com/torvalds/linux • https://github.com/php/php-src • https://github.com/libarchive/libarchive |
| #Vulnerabilities | 504 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-04-17 | CVE-2019-9495 | The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in... | Debian_linux, Fedora, Freebsd, Backports_sle, Leap, Radius_server, Router_manager, Hostapd, Wpa_supplicant | 3.7 | ||
| 2019-04-17 | CVE-2019-9498 | The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both... | Debian_linux, Fedora, Freebsd, Backports_sle, Leap, Radius_server, Router_manager, Hostapd, Wpa_supplicant | 8.1 | ||
| 2019-04-17 | CVE-2019-9499 | The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd... | Debian_linux, Fedora, Freebsd, Backports_sle, Leap, Radius_server, Router_manager, Hostapd, Wpa_supplicant | 8.1 | ||
| 2000-12-19 | CVE-2000-0963 | Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS. | Freebsd, Ncurses, Immunix, Linux | N/A | ||
| 2002-03-08 | CVE-2002-0062 | Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." | Debian_linux, Freebsd, Ncurses, Linux, Suse_linux | N/A | ||
| 2019-07-26 | CVE-2019-5603 | In FreeBSD 12.0-STABLE before r350261, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350263, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, system calls operating on file descriptors as part of mqueuefs did not properly release the reference allowing a malicious user to overflow the counter allowing access to files, directories, and sockets opened by processes owned by other users. | Freebsd | 7.8 | ||
| 2019-07-26 | CVE-2019-5604 | In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data provided by the guest, allowing an out-of-bounds read. This provides a malicious guest the possibility to crash the system or access system memory. | Freebsd | 9.6 | ||
| 2019-07-26 | CVE-2019-5605 | In FreeBSD 11.3-STABLE before r350217, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, due to insufficient initialization of memory copied to userland in the freebsd32_ioctl interface, small amounts of kernel memory may be disclosed to userland processes. This may allow an attacker to leverage this information to obtain elevated privileges either directly or indirectly. | Freebsd | 6.5 | ||
| 2019-12-11 | CVE-2019-14899 | A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel. | Ipados, Iphone_os, Mac_os_x, Macos, Tvos, Freebsd, Linux_kernel, Openbsd | 7.4 | ||
| 2019-07-26 | CVE-2019-5606 | In FreeBSD 12.0-STABLE before r349805, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r349806, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, code which handles close of a descriptor created by posix_openpt fails to undo a signal configuration. This causes an incorrect signal to be raised leading to a write after free of kernel memory allowing a malicious user to gain root privileges or escape a jail. | Freebsd | 7.8 |