|
131
|
5.5
2.1
|
MEDIUM
Local
|
In FreeBSD before 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338984), and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontex…
|
CWE-200
Information Exposure
|
CVE-2018-17155
|
cpe:2.3:o:freebsd:freebsd:11.2:p4 cpe:2.3:o:freebsd:freebsd:11.1:p15 cpe:2.3:o:freebsd:freebsd:10.4:p13 cpe:2.…
|
|
|
|
11.2
|
2024-11-21 12:53
2018-09-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
132
|
5.5
4.9
|
MEDIUM
Local
|
In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELEASE-p15, due to insufficient memory checking in the freebsd4_getfsstat system call, a NULL pointer dereference can occur. Unprivi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-17154
|
cpe:2.3:o:freebsd:freebsd:11.2:p4 cpe:2.3:o:freebsd:freebsd:11.1:p15 cpe:2.3:o:freebsd:freebsd:*:*
|
|
|
|
11.2
|
2024-11-21 12:53
2018-09-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
133
|
7.1
5.6
|
HIGH
Local
|
In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, 10.4-STABLE, and 10.4-RELEASE-p12, insufficient validation in the ELF header parser could allow a malicious ELF binary to cause a ker…
|
CWE-20
Improper Input Validation
|
CVE-2018-6924
|
cpe:2.3:o:freebsd:freebsd:11.2:* cpe:2.3:o:freebsd:freebsd:10.4:* cpe:2.3:o:freebsd:freebsd:*:*
|
11.0
|
|
|
11.1
|
2024-11-21 13:11
2018-09-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
134
|
7.8
7.2
|
HIGH
Local
|
In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() to increase RLIMIT_STACK may turn a read-only memory region below the stack into a read-write region. A specially crafted execut…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1085
|
cpe:2.3:o:freebsd:freebsd:*:*
|
|
|
|
11.2
|
2024-11-21 12:21
2018-09-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
135
|
7.5
7.8
|
HIGH
Network
|
In FreeBSD before 11.2-RELEASE, multiple issues with the implementation of the stack guard-page reduce the protections afforded by the guard-page. This results in the possibility a poorly written pro…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1084
|
cpe:2.3:o:freebsd:freebsd:*:*
|
|
|
|
11.2
|
2024-11-21 12:21
2018-09-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
136
|
7.5
7.8
|
HIGH
Network
|
In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is disabled by default. This results in the possibility a poorly written process could be cause a stack overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-1083
|
cpe:2.3:o:freebsd:freebsd:*:*
|
|
|
|
11.2
|
2024-11-21 12:21
2018-09-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
137
|
7.5
5.0
|
HIGH
Network
|
In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the qsort algorithm has a deterministic recursion pattern. Feeding a pathological input to the algorithm can lead to excessive stack …
|
CWE-20
Improper Input Validation
|
CVE-2017-1082
|
cpe:2.3:o:freebsd:freebsd:*:*
|
11.0 10.0
|
10.4
|
|
11.1
|
2024-11-21 12:21
2018-09-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
138
|
7.5
7.8
|
HIGH
Network
|
In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip fragment reassembly code is vulnerable to a denial of service due to excessive system resource consumption. This issue can allow a…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-6923
|
cpe:2.3:o:freebsd:freebsd:9.3:* cpe:2.3:o:freebsd:freebsd:9.2:* cpe:2.3:o:freebsd:freebsd:9.1:* cpe:2.3:o:free…
|
|
|
|
|
2024-11-21 13:11
2018-09-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
139
|
5.3
5.0
|
MEDIUM
Network
|
One of the data structures that holds TCP segments in all versions of FreeBSD prior to 11.2-RELEASE-p1, 11.1-RELEASE-p12, and 10.4-RELEASE-p10 uses an inefficient algorithm to reassemble the data. Th…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-6922
|
cpe:2.3:o:freebsd:freebsd:11.2:- cpe:2.3:o:freebsd:freebsd:11.1:p9 cpe:2.3:o:freebsd:freebsd:11.1:p7 cpe:2.3:o…
|
|
|
|
|
2024-11-21 13:11
2018-08-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
140
|
9.8
7.5
|
CRITICAL
Network
|
Improper bounds checking of the obuf variable in the link_ntoa() function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depend…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6559
|
cpe:2.3:o:freebsd:freebsd:9.3:* cpe:2.3:o:freebsd:freebsd:11.0:* cpe:2.3:o:freebsd:freebsd:10.3:* cpe:2.3:o:fr…
|
|
|
|
|
2024-11-21 11:56
2018-07-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|