Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
FreeBSD Number Of NVD 488 CRITICAL 29 HIGH 219 MEDIUM 185 LOW 55
URL https://www.freebsd.org/
Explanation Starting with FreeBSD 11, we are switching to a model of supporting major versions for at least 5 years.
We plan to release updates to the major versions every two years.
Older versions will be supported until three months after a new minor version is released.
Tag
  • BSD

Add Information URL
No Type Name URL
1 https://www.freebsd.org/security/
2 https://www.freebsd.org/releases/
3 https://www.freebsd.org/security/unsupported.html

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
121 FreeBSD 15 15.1 June 16, 2026 June 16, 2026 March 31, 2027 March 31, 2027 0 0 0 0
122 FreeBSD 13 13.2 April 11, 2023 April 13, 2021 April 13, 2021 3 29 6 0
123 FreeBSD 12 12.4 Dec. 5, 2022 Dec. 11, 2018 June 30, 2024 18 39 22 2
124 FreeBSD 11 11.4 June 16, 2020 Oct. 10, 2016 Sept. 30, 2021 21 48 40 2
125 FreeBSD 10 10.4 Jan. 20, 2014 Jan. 20, 2014 Feb. 28, 2015 7 40 46 2
126 FreeBSD 9 9.3 July 16, 2014 Jan. 10, 2012 Dec. 31, 2016 5 38 33 6
127 FreeBSD 8 8.4 June 9, 2013 Nov. 25, 2009 Aug. 1, 2015 5 38 33 6
128 FreeBSD 7 7.4 Feb. 24, 2011 Feb. 27, 2008 Feb. 28, 2013 5 37 31 5
129 FreeBSD 6 6.4 Nov. 28, 2008 Nov. 4, 2005 Nov. 30, 2010 6 43 46 15
130 FreeBSD 5 5.5 May 25, 2006 Nov. 6, 2004 May 31, 2008 7 42 50 18
131 FreeBSD 4 4.0 March 14, 2000 Jan. 31, 2007 8 67 61 23
132 FreeBSD 3 3.0 Oct. 16, 1998 Jan. 1, 1900 6 57 47 16
133 FreeBSD 2 2.0.5 Nov. 22, 1994 Jan. 1, 1900 6 51 41 10
134 FreeBSD 1 1.0 Oct. 1, 1993 Jan. 1, 1900 26 112 90 9
135 FreeBSD 0.4_1 0.4_1 Jan. 1, 1900 6 27 30 4
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
121 3.7
4.3
LOW
Network
The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD suppo… CWE-203
 Information Exposure Through Discrepancy
CVE-2019-9495 cpe:2.3:o:freebsd:freebsd:12.0:p3
cpe:2.3:o:freebsd:freebsd:12.0:p2
cpe:2.3:o:freebsd:freebsd:12.0:p1
cpe:2.3:…
2024-11-21 13:51
2019-04-17
Show GitHub Exploit DB Packet Storm
122 5.9
4.3
MEDIUM
Network
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain… CWE-203
 Information Exposure Through Discrepancy
CVE-2019-9494 cpe:2.3:o:freebsd:freebsd:12.0:p3
cpe:2.3:o:freebsd:freebsd:12.0:p2
cpe:2.3:o:freebsd:freebsd:12.0:p1
cpe:2.3:…
2024-11-21 13:51
2019-04-17
Show GitHub Exploit DB Packet Storm
123 5.9
5.8
MEDIUM
Network
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only perf… CWE-22
Path Traversal
CVE-2019-6111 cpe:2.3:o:freebsd:freebsd:12.0:p3
cpe:2.3:o:freebsd:freebsd:12.0:p2
cpe:2.3:o:freebsd:freebsd:12.0:p1
cpe:2.3:…
12.0 2024-11-21 13:45
2019-02-1
Show GitHub Exploit DB Packet Storm
124 9.8
7.5
CRITICAL
Network
In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r342228), and 12.0-RELEASE-p1, insufficient validation of network-provided data in bootpd may make it possible for a malicious att… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2018-17161 cpe:2.3:o:freebsd:freebsd:12.0:-
cpe:2.3:o:freebsd:freebsd:11.2:p6
cpe:2.3:o:freebsd:freebsd:11.2:p5
cpe:2.3:o…
2024-11-21 12:53
2019-01-4
Show GitHub Exploit DB Packet Storm
125 10.0
10.0
CRITICAL
Network
In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficient bounds checking in one of the device models provided by bhyve can permit a guest operating system to overwrite memory in the b… CWE-787
 Out-of-bounds Write
CVE-2018-17160 cpe:2.3:o:freebsd:freebsd:11.2:p5
cpe:2.3:o:freebsd:freebsd:*:*
11.2 2024-11-21 12:53
2018-12-5
Show GitHub Exploit DB Packet Storm
126 7.5
7.8
HIGH
Network
In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS server lacks a bounds check in the READDIRPLUS NFS request. Unprivileged remote users with access to the NFS server can cause a res… CWE-400
 Uncontrolled Resource Consumption
CVE-2018-17159 cpe:2.3:o:freebsd:freebsd:11.2:p5
cpe:2.3:o:freebsd:freebsd:*:*
11.2 2024-11-21 12:53
2018-12-5
Show GitHub Exploit DB Packet Storm
127 7.5
7.8
HIGH
Network
In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error can occur when handling the client address length field in an NFSv4 request. Unprivileged remote users with acces… CWE-190
 Integer Overflow or Wraparound
CVE-2018-17158 cpe:2.3:o:freebsd:freebsd:11.2:p5
cpe:2.3:o:freebsd:freebsd:*:*
11.2 2024-11-21 12:53
2018-12-5
Show GitHub Exploit DB Packet Storm
128 9.8
10.0
CRITICAL
Network
In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error when handling opcodes can cause memory corruption by sending a specially crafted NFSv4 request. Unprivileged remo… CWE-190
 Integer Overflow or Wraparound
CVE-2018-17157 cpe:2.3:o:freebsd:freebsd:11.2:p4
cpe:2.3:o:freebsd:freebsd:*:*
11.2 2024-11-21 12:53
2018-12-5
Show GitHub Exploit DB Packet Storm
129 5.9
4.3
MEDIUM
Network
In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to incorrectly accounting for padding on 64-bit platforms, a buffer underwrite could occur when constructing an ICMP reply packet when … CWE-787
 Out-of-bounds Write
CVE-2018-17156 cpe:2.3:o:freebsd:freebsd:11.2:p5
cpe:2.3:o:freebsd:freebsd:*:*
11.2 2024-11-21 12:53
2018-11-29
Show GitHub Exploit DB Packet Storm
130 5.5
4.9
MEDIUM
Local
In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various… CWE-476
 NULL Pointer Dereference
CVE-2018-6925 cpe:2.3:o:freebsd:freebsd:11.2:p4
cpe:2.3:o:freebsd:freebsd:11.1:p15
cpe:2.3:o:freebsd:freebsd:10.4:p13
cpe:2.…
11.2 2024-11-21 13:11
2018-09-28
Show GitHub Exploit DB Packet Storm