Search Results (586 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0388 1 Freebsd 1 Freebsd 2026-04-16 N/A
Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable.
CVE-2001-0796 2 Freebsd, Sgi 2 Freebsd, Irix 2026-04-16 N/A
SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay.
CVE-2006-1283 1 Freebsd 1 Freebsd 2026-04-16 N/A
opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root account and possibly gain root privileges if a root shell is permitted by the configuration of the wheel group or sshd.
CVE-2002-1674 1 Freebsd 1 Freebsd 2026-04-16 N/A
procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by removing a file that the fstatfs function refers to.
CVE-2000-0186 4 Freebsd, Mandrakesoft, Redhat and 1 more 4 Freebsd, Mandrake Linux, Linux and 1 more 2026-04-16 N/A
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
CVE-2002-1125 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local users to read kernel memory.
CVE-2000-0584 2 Debian, Freebsd 2 Debian Linux, Freebsd 2026-04-16 N/A
Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name.
CVE-2000-0375 1 Freebsd 1 Freebsd 2026-04-16 N/A
The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files.
CVE-2001-1029 2 Freebsd, Openbsd 2 Freebsd, Openssh 2026-04-16 N/A
libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files.
CVE-2001-1034 1 Freebsd 1 Freebsd 2026-04-16 N/A
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter.
CVE-1999-0855 1 Freebsd 1 Freebsd 2026-04-16 N/A
Buffer overflow in FreeBSD gdc program.
CVE-2004-0079 23 4d, Apple, Avaya and 20 more 67 Webstar, Mac Os X, Mac Os X Server and 64 more 2026-04-16 7.5 High
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVE-2006-0433 1 Freebsd 1 Freebsd 2026-04-16 N/A
Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service (infinite loop).
CVE-2002-0574 1 Freebsd 1 Freebsd 2026-04-16 N/A
Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed.
CVE-2002-1667 1 Freebsd 1 Freebsd 2026-04-16 N/A
The virtual memory management system in FreeBSD 4.5-RELEASE and earlier does not properly check the existence of a VM object during page invalidation, which allows local users to cause a denial of service (crash) by calling msync on an unaccessed memory map created with MAP_ANON and MAP_NOSYNC flags.
CVE-2005-0356 9 Alaxala, Cisco, F5 and 6 more 76 Alaxala Networks, Agent Desktop, Aironet Ap1200 and 73 more 2026-04-16 N/A
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
CVE-1999-0032 5 Bsdi, Freebsd, Next and 2 more 5 Bsd Os, Freebsd, Nextstep and 2 more 2026-04-16 N/A
Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.
CVE-2005-1036 2 Amd, Freebsd 2 Amd64, Freebsd 2026-04-16 7.8 High
FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges.
CVE-1999-0037 2 Freebsd, Redhat 2 Freebsd, Linux 2026-04-16 N/A
Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.
CVE-2001-1017 1 Freebsd 1 Freebsd 2026-04-16 N/A
rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.passwd file with world-readable permissions while updating the original file, which could allow local users to gain privileges by reading the copied file while rmuser is running, obtain the password hashes, and crack the passwords.