Vulnerabilities > Freebsd > Freebsd > 9.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-09-28 | CVE-2018-6925 | NULL Pointer Dereference vulnerability in Freebsd In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be able to cause a NULL pointer dereference causing the kernel to crash. | 4.9 |
2018-09-28 | CVE-2018-17155 | Information Exposure vulnerability in Freebsd In FreeBSD before 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338984), and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls, small amounts of kernel memory may be disclosed to userland processes. | 2.1 |
2018-09-28 | CVE-2018-17154 | NULL Pointer Dereference vulnerability in Freebsd In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELEASE-p15, due to insufficient memory checking in the freebsd4_getfsstat system call, a NULL pointer dereference can occur. | 4.9 |
2018-09-12 | CVE-2017-1085 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() to increase RLIMIT_STACK may turn a read-only memory region below the stack into a read-write region. | 7.2 |
2018-09-12 | CVE-2017-1084 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd In FreeBSD before 11.2-RELEASE, multiple issues with the implementation of the stack guard-page reduce the protections afforded by the guard-page. | 7.8 |
2018-09-12 | CVE-2017-1083 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is disabled by default. | 7.8 |
2018-09-04 | CVE-2018-6923 | Resource Exhaustion vulnerability in Freebsd In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip fragment reassembly code is vulnerable to a denial of service due to excessive system resource consumption. | 7.8 |
2018-04-10 | CVE-2017-1081 | Improper Input Validation vulnerability in Freebsd In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3-RELEASE-p19, ipfilter using "keep state" or "keep frags" options can cause a kernel panic when fed specially crafted packet fragments due to incorrect memory handling. | 7.8 |
2017-10-05 | CVE-2017-15037 | Race Condition vulnerability in Freebsd In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' character. | 6.8 |
2016-08-07 | CVE-2016-5766 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image. | 6.8 |