Vulnerabilities > Freebsd > Freebsd > 7.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-14 | CVE-2020-10566 | Classic Buffer Overflow vulnerability in Freebsd grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, mishandles font loading by a guest through a grub2.cfg file, leading to a buffer overflow. | 4.6 |
| 2020-03-14 | CVE-2020-10565 | Improper Privilege Management vulnerability in Freebsd grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command (read_* or write_*) by a guest through a grub2.cfg file. | 7.2 |
| 2020-02-20 | CVE-2012-5365 | Resource Exhaustion vulnerability in Freebsd The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. | 7.8 |
| 2020-02-20 | CVE-2012-5363 | Resource Exhaustion vulnerability in Freebsd The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393. | 7.8 |
| 2020-02-20 | CVE-2015-2923 | Improper Input Validation vulnerability in Freebsd The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. | 3.3 |
| 2020-02-18 | CVE-2014-3879 | Improper Authentication vulnerability in Freebsd OpenPAM Nummularia 9.2 through 10.0 does not properly handle the error reported when an include directive refers to a policy that does not exist, which causes the loaded policy chain to no be discarded and allows context-dependent attackers to bypass authentication via a login (1) without a password or (2) with an incorrect password. | 7.5 |
| 2019-11-27 | CVE-2011-2480 | Information Exposure vulnerability in Freebsd Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. | 5.0 |
| 2019-01-31 | CVE-2019-6111 | Path Traversal vulnerability in multiple products An issue was discovered in OpenSSH 7.9. | 5.9 |
| 2018-12-04 | CVE-2018-17160 | Out-of-bounds Write vulnerability in Freebsd In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficient bounds checking in one of the device models provided by bhyve can permit a guest operating system to overwrite memory in the bhyve host possibly permitting arbitrary code execution. | 10.0 |
| 2018-12-04 | CVE-2018-17159 | Resource Exhaustion vulnerability in Freebsd In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS server lacks a bounds check in the READDIRPLUS NFS request. | 7.8 |