Vulnerabilities > Freebsd
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-28 | CVE-2018-17155 | Information Exposure vulnerability in Freebsd In FreeBSD before 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338984), and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls, small amounts of kernel memory may be disclosed to userland processes. | 2.1 |
| 2018-09-28 | CVE-2018-17154 | NULL Pointer Dereference vulnerability in Freebsd In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELEASE-p15, due to insufficient memory checking in the freebsd4_getfsstat system call, a NULL pointer dereference can occur. | 4.9 |
| 2018-09-12 | CVE-2018-6924 | Improper Input Validation vulnerability in Freebsd 10.4/11.0/11.2 In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, 10.4-STABLE, and 10.4-RELEASE-p12, insufficient validation in the ELF header parser could allow a malicious ELF binary to cause a kernel crash or disclose kernel memory. | 5.6 |
| 2018-09-12 | CVE-2017-1085 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() to increase RLIMIT_STACK may turn a read-only memory region below the stack into a read-write region. | 7.2 |
| 2018-09-12 | CVE-2017-1084 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd In FreeBSD before 11.2-RELEASE, multiple issues with the implementation of the stack guard-page reduce the protections afforded by the guard-page. | 7.8 |
| 2018-09-12 | CVE-2017-1083 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is disabled by default. | 7.8 |
| 2018-09-12 | CVE-2017-1082 | Improper Input Validation vulnerability in Freebsd In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the qsort algorithm has a deterministic recursion pattern. | 5.0 |
| 2018-09-04 | CVE-2018-6923 | Resource Exhaustion vulnerability in Freebsd In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip fragment reassembly code is vulnerable to a denial of service due to excessive system resource consumption. | 7.8 |
| 2018-08-09 | CVE-2018-6922 | Resource Exhaustion vulnerability in Freebsd 10.4/11.1/11.2 One of the data structures that holds TCP segments in all versions of FreeBSD prior to 11.2-RELEASE-p1, 11.1-RELEASE-p12, and 10.4-RELEASE-p10 uses an inefficient algorithm to reassemble the data. | 5.0 |
| 2018-07-13 | CVE-2016-6559 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd Improper bounds checking of the obuf variable in the link_ntoa() function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. | 7.5 |