Vulnerabilities > Freebsd > Freebsd > 10.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-05-02 | CVE-2014-3001 | Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.0 The device file system (aka devfs) in FreeBSD 10.0 before p2 does not load default rulesets when booting, which allows context-dependent attackers to bypass intended restrictions by leveraging a jailed device node process. | 5.8 |
2014-05-02 | CVE-2014-3000 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freebsd The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote attackers to cause a denial of service (undefined memory access and system crash) or possibly read system memory via multiple crafted packets, related to moving a reassemble queue entry to the segment list when the queue is full. | 7.8 |
2014-04-16 | CVE-2014-1453 | Resource Management Errors vulnerability in Freebsd The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not acquire locks in the proper order when converting a directory file handle to a vnode, which allows remote authenticated users to cause a denial of service (deadlock) via vectors involving a thread that uses the correct locking order. | 4.0 |
2013-11-21 | CVE-2013-6834 | Improper Input Validation vulnerability in Freebsd The ql_eioctl function in sys/dev/qlxgbe/ql_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. | 4.9 |
2013-11-21 | CVE-2013-6833 | Improper Input Validation vulnerability in Freebsd The qls_eioctl function in sys/dev/qlxge/qls_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. | 4.9 |
2013-11-21 | CVE-2013-6832 | Information Exposure vulnerability in Freebsd The nand_ioctl function in sys/dev/nand/nand_geom.c in the nand driver in the kernel in FreeBSD 10 and earlier does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. | 4.9 |
2012-08-21 | CVE-2012-4578 | Cryptographic Issues vulnerability in Pawel Jakub Dawidek Geli 4/7 The geli encryption provider 7 before r239184 on FreeBSD 10 uses a weak Master Key, which makes it easier for local users to defeat a cryptographic protection mechanism via a brute-force attack. | 2.1 |