Search Results (602 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0144 4 Bsd, Freebsd, Lprold and 1 more 4 Lpr, Freebsd, Lprold and 1 more 2026-04-16 N/A
Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name.
CVE-2004-0099 1 Freebsd 1 Freebsd 2026-04-16 N/A
mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file system, which causes default values for other flags to be used, possibly disabling security-critical settings and allowing a local user to bypass intended access restrictions.
CVE-1999-0040 7 Bsdi, Freebsd, Hp and 4 more 10 Bsd Os, Freebsd, Hp-ux and 7 more 2026-04-16 N/A
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
CVE-1999-0129 7 Bsdi, Eric Allman, Freebsd and 4 more 9 Bsd Os, Sendmail, Freebsd and 6 more 2026-04-16 N/A
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
CVE-2004-0126 1 Freebsd 1 Freebsd 2026-04-16 N/A
The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail.
CVE-2004-0002 1 Freebsd 1 Freebsd 2026-04-16 N/A
The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function.
CVE-2002-0574 1 Freebsd 1 Freebsd 2026-04-16 N/A
Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed.
CVE-2000-1066 1 Freebsd 1 Freebsd 2026-04-16 N/A
The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname.
CVE-2002-0518 1 Freebsd 1 Freebsd 2026-04-16 N/A
The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (crash) (1) via a SYN packet that is accepted using syncookies that causes a null pointer to be referenced for the socket's TCP options, or (2) by killing and restarting a process that listens on the same socket, which does not properly clear the old inpcb pointer on restart.
CVE-1999-0782 3 Freebsd, Kde, Linux 3 Freebsd, Kde, Linux Kernel 2026-04-16 N/A
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
CVE-1999-0323 4 Bsdi, Freebsd, Netbsd and 1 more 4 Bsd Os, Freebsd, Netbsd and 1 more 2026-04-16 N/A
FreeBSD mmap function allows users to modify append-only or immutable files.
CVE-2001-0063 1 Freebsd 1 Freebsd 2026-04-16 N/A
procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges.
CVE-1999-1572 5 Debian, Freebsd, Mandrakesoft and 2 more 6 Debian Linux, Freebsd, Mandrake Linux and 3 more 2026-04-16 N/A
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.
CVE-2005-4351 4 Dragonfly, Freebsd, Linux and 1 more 4 Dragonfly, Freebsd, Linux Kernel and 1 more 2026-04-16 N/A
The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running.
CVE-2005-0988 7 Freebsd, Gentoo, Gnu and 4 more 13 Freebsd, Linux, Gzip and 10 more 2026-04-16 N/A
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
CVE-1999-0857 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD gdc program allows local users to modify files via a symlink attack.
CVE-1999-0964 1 Freebsd 1 Freebsd 2026-04-16 N/A
Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code via a long PATH_LOCALE environment variable.
CVE-1999-1008 2 Freebsd, Mandrakesoft 2 Freebsd, Mandrake Linux 2026-04-16 N/A
xsoldier program allows local users to gain root access via a long argument.
CVE-2002-1221 3 Freebsd, Isc, Openbsd 3 Freebsd, Bind, Openbsd 2026-04-16 N/A
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.
CVE-2000-0186 4 Freebsd, Mandrakesoft, Redhat and 1 more 4 Freebsd, Mandrake Linux, Linux and 1 more 2026-04-16 N/A
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.