1
|
5.3
-
|
MEDIUM
Network
sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowi…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2023-51765
|
cpe:2.3:o:freebsd:freebsd:*:*
|
|
|
|
11.0
|
2024-01-18 12:15
2023-12-24
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2
|
5.9
-
|
MEDIUM
Network
|
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from…
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2023-48795
|
cpe:2.3:o:freebsd:freebsd:*:*
|
|
12.4
|
|
|
2024-05-2 03:15
2023-12-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
3
|
7.5
-
|
HIGH
Network
In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2-RELEASE before 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, the pf(4) packet filter incorrectly validates TC…
|
NVD-CWE-noinfo
|
CVE-2023-6534
|
cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1 cpe:2.3:o:freebsd:freebsd:14.0:rc3 cpe:2.3:o:freebsd:freebsd:14.0:p1 cpe…
|
|
|
|
|
2024-01-12 23:15
2023-12-13
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
4
|
6.5
-
|
MEDIUM
Network
|
When a program running on an affected system appends data to a file via an NFS client mount, the bug can cause the NFS client to fail to copy in the data to be written but proceed as though the copy …
|
NVD-CWE-noinfo
|
CVE-2023-6660
|
cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1 cpe:2.3:o:freebsd:freebsd:14.0:rc3 cpe:2.3:o:freebsd:freebsd:14.0:p2 cpe…
|
|
|
|
|
2024-03-23 04:15
2023-12-13
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
5
|
7.5
-
|
HIGH
Network
In versions of FreeBSD 13-RELEASE before 13-RELEASE-p5, under certain circumstances the cap_net libcasper(3) service incorrectly validates that updated constraints are strictly subsets of the active …
|
NVD-CWE-noinfo
|
CVE-2023-5978
|
cpe:2.3:o:freebsd:freebsd:13.2:p4 cpe:2.3:o:freebsd:freebsd:13.2:p3 cpe:2.3:o:freebsd:freebsd:13.2:p2 cpe:2.3:…
|
13.0
|
|
|
13.2
|
2023-12-14 19:15
2023-11-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
6
|
9.8
-
|
CRITICAL
Network
In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write spac…
|
CWE-787 CWE-131
Out-of-bounds Write Incorrect Calculation of Buffer Size
|
CVE-2023-5941
|
cpe:2.3:o:freebsd:freebsd:13.2:p4 cpe:2.3:o:freebsd:freebsd:13.2:p3 cpe:2.3:o:freebsd:freebsd:13.2:p2 cpe:2.3:…
|
13.0
|
|
|
12.4 13.2
|
2023-12-14 19:15
2023-11-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
7
|
5.5
-
|
MEDIUM
Local
|
On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized. This resulted in no speculative execution workarounds being installed on CPU 0.
|
CWE-665
Improper Initialization
|
CVE-2023-5370
|
cpe:2.3:o:freebsd:freebsd:13.2:-
|
|
|
|
|
2023-11-24 18:15
2023-10-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
8
|
7.1
-
|
HIGH
Local
|
Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equiv…
|
CWE-273
Improper Check for Dropped Privileges
|
CVE-2023-5369
|
cpe:2.3:o:freebsd:freebsd:13.2:-
|
|
|
|
|
2023-11-24 18:15
2023-10-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
9
|
6.5
-
|
MEDIUM
Network
|
On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rathe…
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2023-5368
|
cpe:2.3:o:freebsd:freebsd:13.2:p3 cpe:2.3:o:freebsd:freebsd:13.2:p2 cpe:2.3:o:freebsd:freebsd:13.2:p1 cpe:2.3:…
|
13.0
|
|
|
12.4 13.2
|
2023-11-30 06:15
2023-10-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
10
|
7.5
-
|
HIGH
Network
In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. That is, a packet with multi…
|
NVD-CWE-Other
|
CVE-2023-4809
|
cpe:2.3:o:freebsd:freebsd:13.2:p2 cpe:2.3:o:freebsd:freebsd:13.2:p1 cpe:2.3:o:freebsd:freebsd:13.2:- cpe:2.3:o…
|
13.0
|
|
|
12.4 13.2
|
2023-12-22 07:15
2023-09-7
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|