Freebsd

Freebsd

503 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2015-1414

  • EPSS 0.89%
  • Veröffentlicht 27.02.2015 15:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of...

7.8

CVE-2014-8613

  • EPSS 0.69%
  • Veröffentlicht 02.02.2015 16:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted RE_CONFIG chunk.

4.6

CVE-2014-8612

Exploit
  • EPSS 0.36%
  • Veröffentlicht 02.02.2015 16:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple array index errors in the Stream Control Transmission Protocol (SCTP) module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to (1) gain privileges via the stream id to the setsockopt function,...

7.2

CVE-2014-0998

Exploit
  • EPSS 0.85%
  • Veröffentlicht 02.02.2015 16:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service (crash) and possibly gain privileges via a negative value in a VT_WAITACTIVE ioctl call,...

5

CVE-2014-8117

  • EPSS 14.62%
  • Veröffentlicht 17.12.2014 19:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.

5

CVE-2014-8116

  • EPSS 14.09%
  • Veröffentlicht 17.12.2014 19:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities.

5

CVE-2014-7250

  • EPSS 3.73%
  • Veröffentlicht 12.12.2014 03:03:47
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of service (resource consumption) via crafted packets...

4.3

CVE-2014-8475

  • EPSS 1.68%
  • Veröffentlicht 18.11.2014 15:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos support, uses incorrect library ordering when linking sshd, which causes symbols to be resolved incorrectly and allows remote attackers to cause a denial of service (sshd deadlock and p...

2.1

CVE-2014-8476

  • EPSS 0.07%
  • Veröffentlicht 13.11.2014 21:32:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not initialize the buffer used to store the login name, which allows local users to obtain sensitive information from kernel memory via a call to getlogin, which returns the entire buffer.

5

CVE-2014-3711

  • EPSS 0.6%
  • Veröffentlicht 27.10.2014 15:55:24
  • Zuletzt bearbeitet 12.04.2025 10:46:40

namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (memory exhaustion) via vectors that trigger a sandboxed process to look up a large number of nonexistent path names.