Vulnerabilities > Freebsd > High

DATE CVE VULNERABILITY TITLE RISK
2024-02-15 CVE-2022-23085 Out-of-bounds Write vulnerability in Freebsd
A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow.
local
low complexity
freebsd CWE-787
8.2
2024-02-15 CVE-2022-23086 Out-of-bounds Write vulnerability in Freebsd
Handlers for *_CFG_PAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer of a caller-specified size, but copied to it a fixed size header.
local
low complexity
freebsd CWE-787
7.8
2024-02-15 CVE-2022-23087 Out-of-bounds Write vulnerability in Freebsd
The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted.
local
low complexity
freebsd CWE-787
8.8
2023-12-13 CVE-2023-6534 Unspecified vulnerability in Freebsd 12.4/13.2/14.0
In versions of FreeBSD 14.0-RELEASE before 14-RELEASE-p2, FreeBSD 13.2-RELEASE before 13.2-RELEASE-p7 and FreeBSD 12.4-RELEASE before 12.4-RELEASE-p9, the pf(4) packet filter incorrectly validates TCP sequence numbers.
network
low complexity
freebsd
7.5
2023-11-08 CVE-2023-5978 Unspecified vulnerability in Freebsd 13.0/13.1/13.2
In versions of FreeBSD 13-RELEASE before 13-RELEASE-p5, under certain circumstances the cap_net libcasper(3) service incorrectly validates that updated constraints are strictly subsets of the active constraints.
network
low complexity
freebsd
7.5
2023-10-04 CVE-2023-5369 Improper Check for Dropped Privileges vulnerability in Freebsd 13.2
Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively.
local
low complexity
freebsd CWE-273
7.1
2023-09-06 CVE-2023-4809 Unspecified vulnerability in Freebsd
In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed.
network
low complexity
freebsd
7.5
2023-08-01 CVE-2023-3107 Integer Overflow or Wraparound vulnerability in multiple products
A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field.
network
low complexity
freebsd netapp CWE-190
7.5
2023-08-01 CVE-2023-3494 Classic Buffer Overflow vulnerability in Freebsd 13.1/13.2
The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports.
local
low complexity
freebsd CWE-120
8.8
2022-09-06 CVE-2022-32264 Improper Handling of Exceptional Conditions vulnerability in Freebsd
sys/netinet/tcp_timer.h in FreeBSD before 7.0 contains a denial-of-service (DoS) vulnerability due to improper handling of TSopt on TCP connections.
network
low complexity
freebsd CWE-755
7.5