Vulnerabilities > Freebsd

DATE CVE VULNERABILITY TITLE RISK
2023-12-24 CVE-2023-51765 Insufficient Verification of Data Authenticity vulnerability in multiple products
sendmail through 8.17.2 allows SMTP smuggling in certain configurations.
network
low complexity
sendmail freebsd redhat CWE-345
5.3
2023-12-18 CVE-2023-48795 Improper Validation of Integrity Check Value vulnerability in multiple products
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack.
5.9
2023-12-13 CVE-2023-6534 Unspecified vulnerability in Freebsd 12.4/13.2/14.0
In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2-RELEASE before 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, the pf(4) packet filter incorrectly validates TCP sequence numbers.
network
low complexity
freebsd
7.5
2023-12-13 CVE-2023-6660 Unspecified vulnerability in Freebsd 13.2/14.0
When a program running on an affected system appends data to a file via an NFS client mount, the bug can cause the NFS client to fail to copy in the data to be written but proceed as though the copy operation had succeeded.
network
low complexity
freebsd
6.5
2023-11-08 CVE-2023-5941 Incorrect Calculation of Buffer Size vulnerability in Freebsd
In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error.
network
low complexity
freebsd CWE-131
critical
9.8
2023-11-08 CVE-2023-5978 Unspecified vulnerability in Freebsd 13.0/13.1/13.2
In versions of FreeBSD 13-RELEASE before 13-RELEASE-p5, under certain circumstances the cap_net libcasper(3) service incorrectly validates that updated constraints are strictly subsets of the active constraints.
network
low complexity
freebsd
7.5
2023-10-04 CVE-2023-5368 Insecure Default Initialization of Resource vulnerability in Freebsd
On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes. This may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g.
network
low complexity
freebsd CWE-1188
6.5
2023-10-04 CVE-2023-5369 Improper Check for Dropped Privileges vulnerability in Freebsd 13.2
Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively.
local
low complexity
freebsd CWE-273
7.1
2023-10-04 CVE-2023-5370 Improper Initialization vulnerability in Freebsd 13.2
On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized.
local
low complexity
freebsd CWE-665
5.5
2023-09-06 CVE-2023-4809 Unspecified vulnerability in Freebsd
In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed.
network
low complexity
freebsd
7.5