| FreeBSD | Number Of NVD | 488 | CRITICAL | 29 | HIGH | 219 | MEDIUM | 185 | LOW | 55 |
| URL | https://www.freebsd.org/ | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | Starting with FreeBSD 11, we are switching to a model of supporting major versions for at least 5 years. We plan to release updates to the major versions every two years. Older versions will be supported until three months after a new minor version is released. |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://www.freebsd.org/security/ | ||
| 2 | https://www.freebsd.org/releases/ | ||
| 3 | https://www.freebsd.org/security/unsupported.html |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 71 | FreeBSD 15 | 15.1 | June 16, 2026 | June 16, 2026 | March 31, 2027 | March 31, 2027 | 0 | 0 | 0 | 0 | |
| 72 | FreeBSD 13 | 13.2 | April 11, 2023 | April 13, 2021 | April 13, 2021 | 3 | 29 | 6 | 0 | ||
| 73 | FreeBSD 12 | 12.4 | Dec. 5, 2022 | Dec. 11, 2018 | June 30, 2024 | 18 | 39 | 22 | 2 | ||
| 74 | FreeBSD 11 | 11.4 | June 16, 2020 | Oct. 10, 2016 | Sept. 30, 2021 | 21 | 48 | 40 | 2 | ||
| 75 | FreeBSD 10 | 10.4 | Jan. 20, 2014 | Jan. 20, 2014 | Feb. 28, 2015 | 7 | 40 | 46 | 2 | ||
| 76 | FreeBSD 9 | 9.3 | July 16, 2014 | Jan. 10, 2012 | Dec. 31, 2016 | 5 | 38 | 33 | 6 | ||
| 77 | FreeBSD 8 | 8.4 | June 9, 2013 | Nov. 25, 2009 | Aug. 1, 2015 | 5 | 38 | 33 | 6 | ||
| 78 | FreeBSD 7 | 7.4 | Feb. 24, 2011 | Feb. 27, 2008 | Feb. 28, 2013 | 5 | 37 | 31 | 5 | ||
| 79 | FreeBSD 6 | 6.4 | Nov. 28, 2008 | Nov. 4, 2005 | Nov. 30, 2010 | 6 | 43 | 46 | 15 | ||
| 80 | FreeBSD 5 | 5.5 | May 25, 2006 | Nov. 6, 2004 | May 31, 2008 | 7 | 42 | 50 | 18 | ||
| 81 | FreeBSD 4 | 4.0 | March 14, 2000 | Jan. 31, 2007 | 8 | 67 | 61 | 23 | |||
| 82 | FreeBSD 3 | 3.0 | Oct. 16, 1998 | Jan. 1, 1900 | 6 | 57 | 47 | 16 | |||
| 83 | FreeBSD 2 | 2.0.5 | Nov. 22, 1994 | Jan. 1, 1900 | 6 | 51 | 41 | 10 | |||
| 84 | FreeBSD 1 | 1.0 | Oct. 1, 1993 | Jan. 1, 1900 | 26 | 112 | 90 | 9 | |||
| 85 | FreeBSD 0.4_1 | 0.4_1 | Jan. 1, 1900 | 6 | 27 | 30 | 4 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 71 |
6.8 4.6 |
MEDIUM
Physics |
In FreeBSD 12.1-STABLE before r362166, 12.1-RELEASE before p8, 11.4-STABLE before r362167, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, missing length validation code common to mulitple USB n… |
CWE-20
Improper Input Validation |
CVE-2020-7459 |
cpe:2.3:o:freebsd:freebsd:12.1:p7 cpe:2.3:o:freebsd:freebsd:12.1:p6 cpe:2.3:o:freebsd:freebsd:12.1:p4 cpe:2.3:… |
2024-11-21 14:37 2020-08-7 |
Show | GitHub Exploit DB Packet Storm | ||||
| 72 |
9.8 7.5 |
CRITICAL
Network |
In FreeBSD 12.1-STABLE before r362281, 11.4-STABLE before r362281, and 11.4-RELEASE before p1, long values in the user-controlled PATH environment variable cause posix_spawnp to write beyond the end … |
CWE-787
Out-of-bounds Write |
CVE-2020-7458 |
cpe:2.3:o:freebsd:freebsd:12.1:- cpe:2.3:o:freebsd:freebsd:11.4:beta1 cpe:2.3:o:freebsd:freebsd:11.4:- |
2024-11-21 14:37 2020-07-9 |
Show | GitHub Exploit DB Packet Storm | ||||
| 73 |
8.1 6.8 |
HIGH
Network |
In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV6_2292PKTOPTIONS sock… |
CWE-362 CWE-416 CWE-662 Race Condition Use After Free Improper Synchronization |
CVE-2020-7457 |
cpe:2.3:o:freebsd:freebsd:12.1:p6 cpe:2.3:o:freebsd:freebsd:12.1:p5 cpe:2.3:o:freebsd:freebsd:12.1:p4 cpe:2.3:… |
2024-11-21 14:37 2020-07-9 |
Show | GitHub Exploit DB Packet Storm | ||||
| 74 |
6.8 7.2 |
MEDIUM
Physics |
In FreeBSD 12.1-STABLE before r361918, 12.1-RELEASE before p6, 11.4-STABLE before r361919, 11.3-RELEASE before p10, and 11.4-RC2 before p1, an invalid memory location may be used for HID items if the… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2020-7456 |
cpe:2.3:o:freebsd:freebsd:12.1:p5 cpe:2.3:o:freebsd:freebsd:12.1:p4 cpe:2.3:o:freebsd:freebsd:12.1:p3 cpe:2.3:… |
2024-11-21 14:37 2020-06-10 |
Show | GitHub Exploit DB Packet Storm | ||||
| 75 |
5.5 2.1 |
MEDIUM
Local |
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. |
CWE-190
Integer Overflow or Wraparound |
CVE-2020-13434 |
cpe:2.3:o:freebsd:freebsd:12.1:p7 cpe:2.3:o:freebsd:freebsd:12.1:p6 cpe:2.3:o:freebsd:freebsd:12.1:p5 cpe:2.3:… |
11.0 | 11.4 |
2024-11-21 14:01 2020-05-25 |
Show | GitHub Exploit DB Packet Storm | ||
| 76 |
5.5 2.1 |
MEDIUM
Local |
In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates s… |
CWE-772
Missing Release of Resource after Effective Lifetime |
CVE-2020-7455 |
cpe:2.3:o:freebsd:freebsd:12.1:p4 cpe:2.3:o:freebsd:freebsd:12.1:p3 cpe:2.3:o:freebsd:freebsd:12.1:p2 cpe:2.3:… |
2024-11-21 14:37 2020-05-14 |
Show | GitHub Exploit DB Packet Storm | ||||
| 77 |
9.8 7.5 |
CRITICAL
Network |
In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting… |
CWE-20 CWE-787 Improper Input Validation Out-of-bounds Write |
CVE-2020-7454 |
cpe:2.3:o:freebsd:freebsd:12.1:p4 cpe:2.3:o:freebsd:freebsd:12.1:p3 cpe:2.3:o:freebsd:freebsd:12.1:p2 cpe:2.3:… |
2024-11-21 14:37 2020-05-14 |
Show | GitHub Exploit DB Packet Storm | ||||
| 78 |
9.8 7.5 |
CRITICAL
Network |
In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocated the size of a kernel buffer based on a user-supplied length allowing an unpr… |
CWE-119 CWE-20 Incorrect Access of Indexable Resource ('Range Error') Improper Input Validation |
CVE-2019-15880 |
cpe:2.3:o:freebsd:freebsd:12.1:p4 cpe:2.3:o:freebsd:freebsd:12.1:p3 cpe:2.3:o:freebsd:freebsd:12.1:p2 cpe:2.3:… |
2024-11-21 13:29 2020-05-14 |
Show | GitHub Exploit DB Packet Storm | ||||
| 79 |
7.4 5.8 |
HIGH
Network |
In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kerne… |
CWE-362 CWE-772 Race Condition Missing Release of Resource after Effective Lifetime |
CVE-2019-15879 |
cpe:2.3:o:freebsd:freebsd:12.1:p4 cpe:2.3:o:freebsd:freebsd:12.1:p3 cpe:2.3:o:freebsd:freebsd:12.1:p2 cpe:2.3:… |
2024-11-21 13:29 2020-05-14 |
Show | GitHub Exploit DB Packet Storm | ||||
| 80 |
7.8 4.6 |
HIGH
Local |
In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and 11.3-RELEASE before p9, an unprivileged local user can trigger a use-after-free situation due to improper checking in SCTP when … |
CWE-416
Use After Free |
CVE-2019-15878 |
cpe:2.3:o:freebsd:freebsd:12.1:- cpe:2.3:o:freebsd:freebsd:11.3:p8 cpe:2.3:o:freebsd:freebsd:11.3:p7 cpe:2.3:o… |
2024-11-21 13:29 2020-05-14 |
Show | GitHub Exploit DB Packet Storm |