|
61
|
7.5
8.5
|
HIGH
Network
|
In FreeBSD 12.2-STABLE before r369312, 11.4-STABLE before r369313, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 due to a race condition in the jail_remove(2) implementation, it may fail to kill …
|
CWE-362
Race Condition
|
CVE-2020-25581
|
cpe:2.3:o:freebsd:freebsd:12.2:p3 cpe:2.3:o:freebsd:freebsd:12.2:p2 cpe:2.3:o:freebsd:freebsd:12.2:p1 cpe:2.3:…
|
|
|
|
|
2024-11-21 14:18
2021-03-27
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
62
|
5.3
5.0
|
MEDIUM
Network
|
In FreeBSD 12.2-STABLE before r369346, 11.4-STABLE before r369345, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 a regression in the login.access(5) rule processor has the effect of causing rules…
|
CWE-697
Incorrect Comparison
|
CVE-2020-25580
|
cpe:2.3:o:freebsd:freebsd:12.2:p3 cpe:2.3:o:freebsd:freebsd:12.2:p2 cpe:2.3:o:freebsd:freebsd:12.2:p1 cpe:2.3:…
|
|
|
|
|
2024-11-21 14:18
2021-03-27
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
63
|
5.3
5.0
|
MEDIUM
Network
|
In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 msdosfs(5) was failing to zero-fill a pair of padding fie…
|
CWE-909
Missing Initialization of Resource
|
CVE-2020-25579
|
cpe:2.3:o:freebsd:freebsd:12.2:p2 cpe:2.3:o:freebsd:freebsd:12.2:p1 cpe:2.3:o:freebsd:freebsd:12.2:- cpe:2.3:o…
|
|
|
|
|
2024-11-21 14:18
2021-03-27
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
64
|
5.3
5.0
|
MEDIUM
Network
|
In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 several file systems were not properly initializing the d…
|
CWE-665
Improper Initialization
|
CVE-2020-25578
|
cpe:2.3:o:freebsd:freebsd:12.2:p2 cpe:2.3:o:freebsd:freebsd:12.2:p1 cpe:2.3:o:freebsd:freebsd:12.2:- cpe:2.3:o…
|
|
|
|
|
2024-11-21 14:18
2021-03-27
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
65
|
7.4
5.8
|
HIGH
Network
|
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disal…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-3450
|
cpe:2.3:o:freebsd:freebsd:12.2:p2 cpe:2.3:o:freebsd:freebsd:12.2:p1 cpe:2.3:o:freebsd:freebsd:12.2:-
|
|
|
|
|
2024-11-21 15:21
2021-03-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
66
|
5.9
4.3
|
MEDIUM
Network
|
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where i…
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-3449
|
cpe:2.3:o:freebsd:freebsd:12.2:p2 cpe:2.3:o:freebsd:freebsd:12.2:p1 cpe:2.3:o:freebsd:freebsd:12.2:-
|
|
|
|
|
2024-11-21 15:21
2021-03-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
67
|
8.2
7.2
|
HIGH
Local
|
bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demons…
|
CWE-862
Missing Authorization
|
CVE-2020-24718
|
cpe:2.3:o:freebsd:freebsd:12.1:p9 cpe:2.3:o:freebsd:freebsd:12.1:p8 cpe:2.3:o:freebsd:freebsd:12.1:p7 cpe:2.3:…
|
|
11.2
|
|
|
2024-11-21 14:15
2020-09-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
68
|
5.5
4.9
|
MEDIUM
Local
|
A memory corruption vulnerability was found in the kernel function kern_getfsstat in MidnightBSD before 1.2.7 and 1.3 through 2020-08-19, and FreeBSD through 11.4, that allows an attacker to trigger …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-24863
|
cpe:2.3:o:freebsd:freebsd:*:*
|
|
11.4
|
|
|
2024-11-21 14:16
2020-09-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
69
|
5.5
4.9
|
MEDIUM
Local
|
In MidnightBSD before 1.2.6 and 1.3 before August 2020, and FreeBSD before 7, a NULL pointer dereference was found in the Linux emulation layer that allows attackers to crash the running kernel. Duri…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-24385
|
cpe:2.3:o:freebsd:freebsd:*:*
|
|
7.0
|
|
|
2024-11-21 14:14
2020-09-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
70
|
7.0
4.4
|
HIGH
Local
|
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2020-7460
|
cpe:2.3:o:freebsd:freebsd:12.1:p7 cpe:2.3:o:freebsd:freebsd:12.1:p6 cpe:2.3:o:freebsd:freebsd:12.1:p4 cpe:2.3:…
|
|
|
|
|
2024-11-21 14:37
2020-08-7
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|