Total
537 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0028 | 10 Cray, Freebsd, Gnu and 7 more | 13 Unicos, Freebsd, Glibc and 10 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
|
|||||
| CVE-1999-1187 | 3 Freebsd, Slackware, University Of Washington | 3 Freebsd, Slackware Linux, Pine | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail.
|
|||||
| CVE-1999-0704 | 3 Bsdi, Freebsd, Redhat | 3 Bsd Os, Freebsd, Linux | 2025-04-03 | 9.3 HIGH | N/A |
|
Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
|
|||||
| CVE-2001-0388 | 3 Freebsd, Mandrakesoft, Suse | 3 Freebsd, Mandrake Linux, Suse Linux | 2025-04-03 | 10.0 HIGH | N/A |
|
time server daemon timed allows remote attackers to cause a denial of service via malformed packets.
|
|||||
| CVE-2000-0235 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in the huh program in the orville-write package allows local users to gain root privileges.
|
|||||
| CVE-2000-0440 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | 5.0 MEDIUM | N/A |
|
NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.
|
|||||
| CVE-1999-0823 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflow in FreeBSD xmindpath allows local users to gain privileges via -f argument.
|
|||||
| CVE-2000-0092 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 6.2 MEDIUM | N/A |
|
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
|
|||||
| CVE-1999-0299 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 9.3 HIGH | N/A |
|
Buffer overflow in FreeBSD lpd through long DNS hostnames.
|
|||||
| CVE-1999-0138 | 7 Apple, Digital, Freebsd and 4 more | 9 A Ux, Osf 1, Freebsd and 6 more | 2025-04-03 | 7.2 HIGH | N/A |
|
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
|
|||||
| CVE-2002-0794 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue.
|
|||||
| CVE-2006-1056 | 2 Freebsd, Linux | 2 Freebsd, Linux Kernel | 2025-04-03 | 2.1 LOW | N/A |
|
The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it i ...
Show More |
|||||
| CVE-2000-0535 | 2 Freebsd, Openssl | 2 Freebsd, Openssl | 2025-04-03 | 5.0 MEDIUM | N/A |
|
OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken.
|
|||||
| CVE-2005-1399 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
|
FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions for the /dev/iir device, which allows local users to execute restricted ioctl calls to read or modify data on hardware that is controlled by the iir driver.
|
|||||
| CVE-2002-0701 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2025-04-03 | 2.1 LOW | N/A |
|
ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges.
|
|||||
| CVE-2001-0670 | 4 Bsd, Freebsd, Netbsd and 1 more | 4 Bsd, Freebsd, Netbsd and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue.
|
|||||
| CVE-1999-0057 | 5 Eric Allman, Freebsd, Hp and 2 more | 7 Vacation, Freebsd, Hp-ux and 4 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Vacation program allows command execution by remote users through a sendmail command.
|
|||||
| CVE-2006-4304 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. NOTE: this issue was originally incorrectly reported for the ppp ...
Show More |
|||||
| CVE-1999-1313 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands.
|
|||||
| CVE-2005-0356 | 9 Alaxala, Cisco, F5 and 6 more | 76 Alaxala Networks, Agent Desktop, Aironet Ap1200 and 73 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
|
|||||
| CVE-2003-0001 | 4 Freebsd, Linux, Microsoft and 1 more | 5 Freebsd, Linux Kernel, Windows 2000 and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
|
|||||
| CVE-1999-1008 | 2 Freebsd, Mandrakesoft | 2 Freebsd, Mandrake Linux | 2025-04-03 | 7.2 HIGH | N/A |
|
xsoldier program allows local users to gain root access via a long argument.
|
|||||
| CVE-2000-0186 | 4 Freebsd, Mandrakesoft, Redhat and 1 more | 4 Freebsd, Mandrake Linux, Linux and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
|
|||||
| CVE-2002-0820 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.2 HIGH | N/A |
|
FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 after they have already been assigned to /dev/null when the descriptors reference procfs or linprocfs, which could allow local users to reuse the file descriptors in a setuid or setgid program to modify critical data and gain privileges.
|
|||||
| CVE-2005-1406 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
|
The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory.
|
|||||
| CVE-1999-0046 | 10 Bsdi, Debian, Digital and 7 more | 10 Bsd Os, Debian Linux, Ultrix and 7 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow of rlogin program using TERM environmental variable.
|
|||||
| CVE-2001-0183 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.5 HIGH | N/A |
|
ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established connection.
|
|||||
| CVE-1999-0820 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
|
FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands.
|
|||||
| CVE-2006-2655 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 6.4 MEDIUM | N/A |
|
The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions.
|
|||||
| CVE-2000-0375 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 2.1 LOW | N/A |
|
The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files.
|
|||||
| CVE-2005-1400 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
|
The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 allows local users to access sensitive kernel memory via arguments with negative or very large values.
|
|||||
| CVE-2000-0461 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | 2.1 LOW | N/A |
|
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.
|
|||||
| CVE-2002-0795 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 2.1 LOW | N/A |
|
The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files.
|
|||||
| CVE-2002-0973 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Integer signedness error in several system calls for FreeBSD 4.6.1 RELEASE-p10 and earlier may allow attackers to access sensitive kernel memory via large negative values to the (1) accept, (2) getsockname, and (3) getpeername system calls, and the (4) vesa FBIO_GETPALETTE ioctl.
|
|||||
| CVE-1999-0040 | 7 Bsdi, Freebsd, Hp and 4 more | 10 Bsd Os, Freebsd, Hp-ux and 7 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
|
|||||
| CVE-2006-0905 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2025-04-03 | 7.5 HIGH | N/A |
|
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks.
|
|||||
| CVE-1999-0912 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 2.1 LOW | N/A |
|
FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files.
|
|||||
| CVE-2002-1915 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2025-04-03 | 2.1 LOW | 5.5 MEDIUM |
|
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file.
|
|||||
| CVE-2005-0109 | 5 Freebsd, Redhat, Sco and 2 more | 8 Freebsd, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2025-04-03 | 4.7 MEDIUM | 5.6 MEDIUM |
|
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
|
|||||
| CVE-2000-1012 | 1 Freebsd | 1 Freebsd | 2025-04-03 | 7.2 HIGH | N/A |
|
The catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable.
|
|||||