Search Results (602 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0379 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory.
CVE-2000-1013 1 Freebsd 1 Freebsd 2026-04-16 N/A
The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable.
CVE-2001-1244 7 Freebsd, Hp, Linux and 4 more 9 Freebsd, Hp-ux, Vvos and 6 more 2026-04-16 N/A
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
CVE-1999-0130 7 Bsdi, Caldera, Eric Allman and 4 more 7 Bsd Os, Network Desktop, Sendmail and 4 more 2026-04-16 N/A
Local users can start Sendmail in daemon mode and gain root privileges.
CVE-2000-1167 1 Freebsd 1 Freebsd 2026-04-16 N/A
ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat deny_incoming" command, which allows remote attackers to connect to the target system.
CVE-2002-0754 2 Freebsd, Kth 3 Freebsd, Heimdal, Heimdal 2026-04-16 N/A
Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.
CVE-2006-1056 3 Freebsd, Linux, Redhat 3 Freebsd, Linux Kernel, Enterprise Linux 2026-04-16 N/A
The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels.
CVE-2001-0247 5 Freebsd, Mit, Netbsd and 2 more 5 Freebsd, Kerberos 5, Netbsd and 2 more 2026-04-16 N/A
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
CVE-2002-0572 3 Freebsd, Openbsd, Sun 4 Freebsd, Openbsd, Solaris and 1 more 2026-04-16 N/A
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files.
CVE-2001-0371 1 Freebsd 1 Freebsd 2026-04-16 N/A
Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information.
CVE-2006-0433 1 Freebsd 1 Freebsd 2026-04-16 N/A
Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service (infinite loop).
CVE-2006-2654 1 Freebsd 1 Freebsd 2026-04-16 N/A
Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. NOTE: this is similar to CVE-2006-1864, but this is a different implementation of smbfs, so it has a different CVE identifier.
CVE-1999-0096 3 Bsdi, Freebsd, Sco 4 Bsd Os, Freebsd, Internet Faststart and 1 more 2026-04-16 N/A
Sendmail decode alias can be used to overwrite sensitive files.
CVE-1999-0085 3 Freebsd, Ibm, Netbsd 3 Freebsd, Aix, Netbsd 2026-04-16 N/A
Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.
CVE-2004-0435 1 Freebsd 1 Freebsd 2026-04-16 N/A
Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk.
CVE-1999-0855 1 Freebsd 1 Freebsd 2026-04-16 N/A
Buffer overflow in FreeBSD gdc program.
CVE-2004-0125 1 Freebsd 1 Freebsd 2026-04-16 N/A
The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verify that an attempt to manipulate routing tables originated from a non-jailed process, which could allow local users to modify the routing table.
CVE-2004-0618 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 5.1 for the Alpha processor allows local users to cause a denial of service (crash) via an execve system call with an unaligned memory address as an argument.
CVE-1999-0131 8 Bsdi, Digital, Eric Allman and 5 more 9 Bsd Os, Osf 1, Sendmail and 6 more 2026-04-16 N/A
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
CVE-1999-0138 7 Apple, Digital, Freebsd and 4 more 9 A Ux, Osf 1, Freebsd and 6 more 2026-04-16 N/A
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.