Freebsd

Freebsd

503 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2014-3954

  • EPSS 8.93%
  • Published 27.10.2014 15:55:24
  • Last modified 12.04.2025 10:46:40

Stack-based buffer overflow in rtsold in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted DNS parameters in a router advertisement message.

5

CVE-2014-3955

  • EPSS 0.54%
  • Published 27.10.2014 15:55:24
  • Last modified 12.04.2025 10:46:40

routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RIP request from a source not on a directly connected network.

5

CVE-2014-3951

  • EPSS 0.41%
  • Published 21.08.2014 22:55:03
  • Last modified 12.04.2025 10:46:40

The HZ module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT p...

5

CVE-2014-5384

  • EPSS 0.41%
  • Published 21.08.2014 22:55:03
  • Last modified 12.04.2025 10:46:40

The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPL...

4.9

CVE-2014-3952

  • EPSS 0.07%
  • Published 15.07.2014 14:55:09
  • Last modified 12.04.2025 10:46:40

FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize the buffer between the header and data of a control message, which allows local users to obtain sensitive information from kernel memory via unspe...

4.9

CVE-2014-3953

  • EPSS 0.07%
  • Published 15.07.2014 14:55:09
  • Last modified 12.04.2025 10:46:40

FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and 10.0 before p7 does not properly initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via a (1) SCTP_SNDRCV, (2) SCTP_EXTRCV, or (3...

2.1

CVE-2014-3873

  • EPSS 0.06%
  • Published 10.06.2014 14:55:10
  • Last modified 12.04.2025 10:46:40

The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3-BETA1 before p1 uses an incorrect page fault kernel trace entry size, which allows local users to obtain sensitive information from kernel memory via a ke...

4.9

CVE-2014-3880

  • EPSS 0.05%
  • Published 10.06.2014 14:55:10
  • Last modified 12.04.2025 10:46:40

The (1) execve and (2) fexecve system calls in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 10.0 before p4 destroys the virtual memory address space and mappings for a process before all threads have terminated, which allows ...

1.9

CVE-2014-3956

  • EPSS 0.1%
  • Published 04.06.2014 11:19:13
  • Last modified 12.04.2025 10:46:40

The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom ma...

7.8

CVE-2014-3000

  • EPSS 8.78%
  • Published 02.05.2014 14:55:07
  • Last modified 12.04.2025 10:46:40

The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote attackers to cause a denial of service (undefined memory access and system crash) or possibly rea...