Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
FreeBSD Number Of NVD 488 CRITICAL 29 HIGH 219 MEDIUM 185 LOW 55
URL https://www.freebsd.org/
Explanation Starting with FreeBSD 11, we are switching to a model of supporting major versions for at least 5 years.
We plan to release updates to the major versions every two years.
Older versions will be supported until three months after a new minor version is released.
Tag
  • BSD

Add Information URL
No Type Name URL
1 https://www.freebsd.org/security/
2 https://www.freebsd.org/releases/
3 https://www.freebsd.org/security/unsupported.html

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
111 FreeBSD 15 15.1 June 16, 2026 June 16, 2026 March 31, 2027 March 31, 2027 0 0 0 0
112 FreeBSD 13 13.2 April 11, 2023 April 13, 2021 April 13, 2021 3 29 6 0
113 FreeBSD 12 12.4 Dec. 5, 2022 Dec. 11, 2018 June 30, 2024 18 39 22 2
114 FreeBSD 11 11.4 June 16, 2020 Oct. 10, 2016 Sept. 30, 2021 21 48 40 2
115 FreeBSD 10 10.4 Jan. 20, 2014 Jan. 20, 2014 Feb. 28, 2015 7 40 46 2
116 FreeBSD 9 9.3 July 16, 2014 Jan. 10, 2012 Dec. 31, 2016 5 38 33 6
117 FreeBSD 8 8.4 June 9, 2013 Nov. 25, 2009 Aug. 1, 2015 5 38 33 6
118 FreeBSD 7 7.4 Feb. 24, 2011 Feb. 27, 2008 Feb. 28, 2013 5 37 31 5
119 FreeBSD 6 6.4 Nov. 28, 2008 Nov. 4, 2005 Nov. 30, 2010 6 43 46 15
120 FreeBSD 5 5.5 May 25, 2006 Nov. 6, 2004 May 31, 2008 7 42 50 18
121 FreeBSD 4 4.0 March 14, 2000 Jan. 31, 2007 8 67 61 23
122 FreeBSD 3 3.0 Oct. 16, 1998 Jan. 1, 1900 6 57 47 16
123 FreeBSD 2 2.0.5 Nov. 22, 1994 Jan. 1, 1900 6 51 41 10
124 FreeBSD 1 1.0 Oct. 1, 1993 Jan. 1, 1900 26 112 90 9
125 FreeBSD 0.4_1 0.4_1 Jan. 1, 1900 6 27 30 4
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
111 7.8
7.2
HIGH
Local
In FreeBSD 12.0-STABLE before r350261, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350263, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, system calls ope… CWE-404
 Improper Resource Shutdown or Release
CVE-2019-5603 cpe:2.3:o:freebsd:freebsd:12.0:p7
cpe:2.3:o:freebsd:freebsd:12.0:p6
cpe:2.3:o:freebsd:freebsd:12.0:p5
cpe:2.3:…
2024-11-21 13:45
2019-07-26
Show GitHub Exploit DB Packet Storm
112 8.8
9.0
HIGH
Network
In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349629, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the cdrom d… CWE-787
CWE-863
 Out-of-bounds Write
 Incorrect Authorization
CVE-2019-5602 cpe:2.3:o:freebsd:freebsd:12.0:p6
cpe:2.3:o:freebsd:freebsd:12.0:p5
cpe:2.3:o:freebsd:freebsd:12.0:p4
cpe:2.3:…
2024-11-21 13:45
2019-07-4
Show GitHub Exploit DB Packet Storm
113 6.5
4.0
MEDIUM
Network
In FreeBSD 12.0-STABLE before r347474, 12.0-RELEASE before 12.0-RELEASE-p7, 11.2-STABLE before r347475, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the FFS implementation causes up to three by… CWE-200
Information Exposure
CVE-2019-5601 cpe:2.3:o:freebsd:freebsd:12.0:p6
cpe:2.3:o:freebsd:freebsd:12.0:p5
cpe:2.3:o:freebsd:freebsd:12.0:p4
cpe:2.3:…
2024-11-21 13:45
2019-07-4
Show GitHub Exploit DB Packet Storm
114 9.8
7.5
CRITICAL
Network
In FreeBSD 12.0-STABLE before r349622, 12.0-RELEASE before 12.0-RELEASE-p7, 11.3-PRERELEASE before r349624, 11.3-RC3 before 11.3-RC3-p1, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in iconv imple… CWE-787
 Out-of-bounds Write
CVE-2019-5600 cpe:2.3:o:freebsd:freebsd:12.0:p6
cpe:2.3:o:freebsd:freebsd:12.0:p5
cpe:2.3:o:freebsd:freebsd:12.0:p4
cpe:2.3:…
2024-11-21 13:45
2019-07-4
Show GitHub Exploit DB Packet Storm
115 7.5
7.8
HIGH
Network
In FreeBSD 12.0-STABLE before r349197 and 12.0-RELEASE before 12.0-RELEASE-p6, a bug in the non-default RACK TCP stack can allow an attacker to cause several linked lists to grow unbounded and cause … CWE-770
 Allocation of Resources Without Limits or Throttling
CVE-2019-5599 cpe:2.3:o:freebsd:freebsd:12.0:p5
cpe:2.3:o:freebsd:freebsd:12.0:p4
cpe:2.3:o:freebsd:freebsd:12.0:p3
cpe:2.3:…
2024-11-21 13:45
2019-07-3
Show GitHub Exploit DB Packet Storm
116 9.8
7.5
CRITICAL
Network
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. CWE-787
 Out-of-bounds Write
CVE-2019-12900 cpe:2.3:o:freebsd:freebsd:12.0:p8
cpe:2.3:o:freebsd:freebsd:12.0:p7
cpe:2.3:o:freebsd:freebsd:12.0:p6
cpe:2.3:…
2024-11-21 13:23
2019-06-20
Show GitHub Exploit DB Packet Storm
117 7.5
5.0
HIGH
Network
In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before r345377, 11.2-RELEASE before 11.2-RELEASE-p10, and 12.0-RELEASE before 12.0-RELEASE-p4, a bug in pf does not check if the outer ICMP or I… CWE-20
 Improper Input Validation 
CVE-2019-5598 cpe:2.3:o:freebsd:freebsd:12.0:p3
cpe:2.3:o:freebsd:freebsd:12.0:p1
cpe:2.3:o:freebsd:freebsd:12.0:-
cpe:2.3:o…
2024-11-21 13:45
2019-05-16
Show GitHub Exploit DB Packet Storm
118 9.1
6.4
CRITICAL
Network
In FreeBSD 11.3-PRERELEASE and 12.0-STABLE before r347591, 11.2-RELEASE before 11.2-RELEASE-p10, and 12.0-RELEASE before 12.0-RELEASE-p4, a bug in the pf IPv6 fragment reassembly logic incorrectly us… CWE-20
 Improper Input Validation 
CVE-2019-5597 cpe:2.3:o:freebsd:freebsd:12.0:p3
cpe:2.3:o:freebsd:freebsd:12.0:p1
cpe:2.3:o:freebsd:freebsd:12.0:-
cpe:2.3:o…
2024-11-21 13:45
2019-05-16
Show GitHub Exploit DB Packet Storm
119 8.1
6.8
HIGH
Network
The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-p… CWE-287
Improper Authentication
CVE-2019-9499 cpe:2.3:o:freebsd:freebsd:12.0:p3
cpe:2.3:o:freebsd:freebsd:12.0:p2
cpe:2.3:o:freebsd:freebsd:12.0:p1
cpe:2.3:…
11.0 11.1 2024-11-21 13:51
2019-04-17
Show GitHub Exploit DB Packet Storm
120 8.1
6.8
HIGH
Network
The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Co… CWE-287
Improper Authentication
CVE-2019-9498 cpe:2.3:o:freebsd:freebsd:12.0:p3
cpe:2.3:o:freebsd:freebsd:12.0:p2
cpe:2.3:o:freebsd:freebsd:12.0:p1
cpe:2.3:…
11.0 11.1 2024-11-21 13:51
2019-04-17
Show GitHub Exploit DB Packet Storm