Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
FreeBSD Number Of NVD 488 CRITICAL 29 HIGH 219 MEDIUM 185 LOW 55
URL https://www.freebsd.org/
Explanation Starting with FreeBSD 11, we are switching to a model of supporting major versions for at least 5 years.
We plan to release updates to the major versions every two years.
Older versions will be supported until three months after a new minor version is released.
Tag
  • BSD

Add Information URL
No Type Name URL
1 https://www.freebsd.org/security/
2 https://www.freebsd.org/releases/
3 https://www.freebsd.org/security/unsupported.html

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
91 FreeBSD 15 15.1 June 16, 2026 June 16, 2026 March 31, 2027 March 31, 2027 0 0 0 0
92 FreeBSD 13 13.2 April 11, 2023 April 13, 2021 April 13, 2021 3 29 6 0
93 FreeBSD 12 12.4 Dec. 5, 2022 Dec. 11, 2018 June 30, 2024 18 39 22 2
94 FreeBSD 11 11.4 June 16, 2020 Oct. 10, 2016 Sept. 30, 2021 21 48 40 2
95 FreeBSD 10 10.4 Jan. 20, 2014 Jan. 20, 2014 Feb. 28, 2015 7 40 46 2
96 FreeBSD 9 9.3 July 16, 2014 Jan. 10, 2012 Dec. 31, 2016 5 38 33 6
97 FreeBSD 8 8.4 June 9, 2013 Nov. 25, 2009 Aug. 1, 2015 5 38 33 6
98 FreeBSD 7 7.4 Feb. 24, 2011 Feb. 27, 2008 Feb. 28, 2013 5 37 31 5
99 FreeBSD 6 6.4 Nov. 28, 2008 Nov. 4, 2005 Nov. 30, 2010 6 43 46 15
100 FreeBSD 5 5.5 May 25, 2006 Nov. 6, 2004 May 31, 2008 7 42 50 18
101 FreeBSD 4 4.0 March 14, 2000 Jan. 31, 2007 8 67 61 23
102 FreeBSD 3 3.0 Oct. 16, 1998 Jan. 1, 1900 6 57 47 16
103 FreeBSD 2 2.0.5 Nov. 22, 1994 Jan. 1, 1900 6 51 41 10
104 FreeBSD 1 1.0 Oct. 1, 1993 Jan. 1, 1900 26 112 90 9
105 FreeBSD 0.4_1 0.4_1 Jan. 1, 1900 6 27 30 4
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
91 7.5
7.8
HIGH
Network
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets contain… CWE-400
 Uncontrolled Resource Consumption
CVE-2012-5365 cpe:2.3:o:freebsd:freebsd:*:* 9.2 2024-11-21 10:44
2020-02-21
Show GitHub Exploit DB Packet Storm
92 7.5
7.8
HIGH
Network
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a di… CWE-400
 Uncontrolled Resource Consumption
CVE-2012-5363 cpe:2.3:o:freebsd:freebsd:*:* 9.2 2024-11-21 10:44
2020-02-21
Show GitHub Exploit DB Packet Storm
93 6.5
3.3
MEDIUM
Adjacent
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advert… CWE-20
 Improper Input Validation 
CVE-2015-2923 cpe:2.3:o:freebsd:freebsd:*:* 10.1 2024-11-21 11:28
2020-02-20
Show GitHub Exploit DB Packet Storm
94 9.8
7.5
CRITICAL
Network
OpenPAM Nummularia 9.2 through 10.0 does not properly handle the error reported when an include directive refers to a policy that does not exist, which causes the loaded policy chain to no be discard… CWE-287
Improper Authentication
CVE-2014-3879 cpe:2.3:o:freebsd:freebsd:*:* 9.2 2024-11-21 11:09
2020-02-19
Show GitHub Exploit DB Packet Storm
95 9.8
7.5
CRITICAL
Network
In FreeBSD 12.1-STABLE before r357213, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r357214, and 11.3-RELEASE before 11.3-RELEASE-p6, URL handling in … CWE-787
 Out-of-bounds Write
CVE-2020-7450 cpe:2.3:o:freebsd:freebsd:12.1:p1
cpe:2.3:o:freebsd:freebsd:12.1:-
cpe:2.3:o:freebsd:freebsd:12.0:p9
cpe:2.3:o…
2024-11-21 14:37
2020-02-19
Show GitHub Exploit DB Packet Storm
96 9.8
7.5
CRITICAL
Network
In FreeBSD 12.0-RELEASE before 12.0-RELEASE-p13, a missing check in the ipsec packet processor allows reinjection of an old packet to be accepted by the ipsec endpoint. Depending on the higher-level … CWE-345
 Insufficient Verification of Data Authenticity
CVE-2019-5613 cpe:2.3:o:freebsd:freebsd:12.0:p9
cpe:2.3:o:freebsd:freebsd:12.0:p8
cpe:2.3:o:freebsd:freebsd:12.0:p7
cpe:2.3:…
2024-11-21 13:45
2020-02-19
Show GitHub Exploit DB Packet Storm
97 3.3
2.1
LOW
Local
In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r354735, and 11.3-RELEASE before 11.3-RELEASE-p6, due to incorrect… CWE-665
 Improper Initialization
CVE-2019-15875 cpe:2.3:o:freebsd:freebsd:12.1:p1
cpe:2.3:o:freebsd:freebsd:12.1:-
cpe:2.3:o:freebsd:freebsd:12.0:p9
cpe:2.3:o…
2024-11-21 13:29
2020-02-19
Show GitHub Exploit DB Packet Storm
98 7.5
7.8
HIGH
Network
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion. CWE-400
 Uncontrolled Resource Consumption
CVE-2011-3336 cpe:2.3:o:freebsd:freebsd:8.2:- 2024-11-21 10:30
2020-02-13
Show GitHub Exploit DB Packet Storm
99 7.4
4.9
HIGH
Adjacent
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make pos… - CVE-2019-14899 cpe:2.3:o:freebsd:freebsd:-:* 2024-11-21 13:27
2019-12-12
Show GitHub Exploit DB Packet Storm
100 7.8
7.2
HIGH
Local
FreeBSD: Input Validation Flaw allows local users to gain elevated privileges CWE-20
 Improper Input Validation 
CVE-2012-4576 cpe:2.3:o:freebsd:freebsd:9.1:-
cpe:2.3:o:freebsd:freebsd:9.0:-
cpe:2.3:o:freebsd:freebsd:8.3:-
cpe:2.3:o:free…
2024-11-21 10:43
2019-12-3
Show GitHub Exploit DB Packet Storm