Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
FreeBSD Number Of NVD 488 CRITICAL 29 HIGH 219 MEDIUM 185 LOW 55
URL https://www.freebsd.org/
Explanation Starting with FreeBSD 11, we are switching to a model of supporting major versions for at least 5 years.
We plan to release updates to the major versions every two years.
Older versions will be supported until three months after a new minor version is released.
Tag
  • BSD

Add Information URL
No Type Name URL
1 https://www.freebsd.org/security/
2 https://www.freebsd.org/releases/
3 https://www.freebsd.org/security/unsupported.html

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
21 FreeBSD 15 15.1 June 16, 2026 June 16, 2026 March 31, 2027 March 31, 2027 0 0 0 0
22 FreeBSD 13 13.2 April 11, 2023 April 13, 2021 April 13, 2021 3 29 6 0
23 FreeBSD 12 12.4 Dec. 5, 2022 Dec. 11, 2018 June 30, 2024 18 39 22 2
24 FreeBSD 11 11.4 June 16, 2020 Oct. 10, 2016 Sept. 30, 2021 21 48 40 2
25 FreeBSD 10 10.4 Jan. 20, 2014 Jan. 20, 2014 Feb. 28, 2015 7 40 46 2
26 FreeBSD 9 9.3 July 16, 2014 Jan. 10, 2012 Dec. 31, 2016 5 38 33 6
27 FreeBSD 8 8.4 June 9, 2013 Nov. 25, 2009 Aug. 1, 2015 5 38 33 6
28 FreeBSD 7 7.4 Feb. 24, 2011 Feb. 27, 2008 Feb. 28, 2013 5 37 31 5
29 FreeBSD 6 6.4 Nov. 28, 2008 Nov. 4, 2005 Nov. 30, 2010 6 43 46 15
30 FreeBSD 5 5.5 May 25, 2006 Nov. 6, 2004 May 31, 2008 7 42 50 18
31 FreeBSD 4 4.0 March 14, 2000 Jan. 31, 2007 8 67 61 23
32 FreeBSD 3 3.0 Oct. 16, 1998 Jan. 1, 1900 6 57 47 16
33 FreeBSD 2 2.0.5 Nov. 22, 1994 Jan. 1, 1900 6 51 41 10
34 FreeBSD 1 1.0 Oct. 1, 1993 Jan. 1, 1900 26 112 90 9
35 FreeBSD 0.4_1 0.4_1 Jan. 1, 1900 6 27 30 4
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
21 8.2
-
HIGH
Local
An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can e… CWE-787
 Out-of-bounds Write
CVE-2024-32668 cpe:2.3:o:freebsd:freebsd:14.1:p3
cpe:2.3:o:freebsd:freebsd:14.1:p2
cpe:2.3:o:freebsd:freebsd:14.1:p1
cpe:2.3:…
13.0 13.3 2024-11-21 18:15
2024-09-5
Show GitHub Exploit DB Packet Storm
22 7.5
-
HIGH
Network
A malicious value of size in a structure of packed libnv can cause an integer overflow, leading to the allocation of a smaller buffer than required for the parsed data. CWE-190
 Integer Overflow or Wraparound
CVE-2024-45287 cpe:2.3:o:freebsd:freebsd:14.1:p3
cpe:2.3:o:freebsd:freebsd:14.1:p2
cpe:2.3:o:freebsd:freebsd:14.1:p1
cpe:2.3:…
13.0 13.3 2024-11-21 18:37
2024-09-5
Show GitHub Exploit DB Packet Storm
23 8.1
-
HIGH
Network
A signal handler in sshd(8) may call a logging function that is not async-signal-safe. The signal handler is invoked when a client does not authenticate within the LoginGraceTime seconds (120 by def… CWE-362
Race Condition
CVE-2024-7589 cpe:2.3:o:freebsd:freebsd:14.1:p2
cpe:2.3:o:freebsd:freebsd:14.1:p1
cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1
cpe:…

13.1


13.0
13.3
2024-11-21 18:51
2024-08-12
Show GitHub Exploit DB Packet Storm
24 7.5
-
HIGH
Network
A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of set… NVD-CWE-noinfo
CVE-2024-6760 cpe:2.3:o:freebsd:freebsd:14.1:p2
cpe:2.3:o:freebsd:freebsd:14.1:p1
cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1
cpe:…

13.1


13.0
13.3
2024-11-21 18:50
2024-08-12
Show GitHub Exploit DB Packet Storm
25 5.3
-
MEDIUM
Network
When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, "/". This allows readdir(3) and related functions to return fil… CWE-22
Path Traversal
CVE-2024-6759 cpe:2.3:o:freebsd:freebsd:14.1:p2
cpe:2.3:o:freebsd:freebsd:14.1:p1
cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1
cpe:…

13.1


13.0
13.3
2024-11-21 18:50
2024-08-12
Show GitHub Exploit DB Packet Storm
26 8.1
-
HIGH
Network
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote a… CWE-362
Race Condition
CVE-2024-6387 cpe:2.3:o:freebsd:freebsd:14.1:p1
cpe:2.3:o:freebsd:freebsd:14.1:-
cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1
cpe:2…
2024-11-21 18:49
2024-07-1
Show GitHub Exploit DB Packet Storm
27 5.3
-
MEDIUM
Network
sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowi… CWE-345
 Insufficient Verification of Data Authenticity
CVE-2023-51765 cpe:2.3:o:freebsd:freebsd:*:* 11.0 2024-11-21 17:38
2023-12-24
Show GitHub Exploit DB Packet Storm
28 5.9
-
MEDIUM
Network
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from… CWE-354
 Improper Validation of Integrity Check Value
CVE-2023-48795 cpe:2.3:o:freebsd:freebsd:*:* 12.4 2024-11-21 17:32
2023-12-19
Show GitHub Exploit DB Packet Storm
29 7.5
-
HIGH
Network
In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2-RELEASE before 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, the pf(4) packet filter incorrectly validates TC… NVD-CWE-noinfo
CVE-2023-6534 cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1
cpe:2.3:o:freebsd:freebsd:14.0:rc3
cpe:2.3:o:freebsd:freebsd:14.0:p1
cpe…
2024-11-21 17:44
2023-12-13
Show GitHub Exploit DB Packet Storm
30 6.5
-
MEDIUM
Network
When a program running on an affected system appends data to a file via an NFS client mount, the bug can cause the NFS client to fail to copy in the data to be written but proceed as though the copy … NVD-CWE-noinfo
CVE-2023-6660 cpe:2.3:o:freebsd:freebsd:14.0:rc4-p1
cpe:2.3:o:freebsd:freebsd:14.0:rc3
cpe:2.3:o:freebsd:freebsd:14.0:p2
cpe…
2024-11-21 17:44
2023-12-13
Show GitHub Exploit DB Packet Storm