Vulnerabilities > Freebsd > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-02 | CVE-2019-5599 | Allocation of Resources Without Limits or Throttling vulnerability in Freebsd 12.0 In FreeBSD 12.0-STABLE before r349197 and 12.0-RELEASE before 12.0-RELEASE-p6, a bug in the non-default RACK TCP stack can allow an attacker to cause several linked lists to grow unbounded and cause an expensive list traversal on every packet being processed, leading to resource exhaustion and a denial of service. | 7.8 |
| 2019-04-17 | CVE-2019-9499 | Improper Authentication vulnerability in multiple products The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. | 8.1 |
| 2019-04-17 | CVE-2019-9498 | Improper Authentication vulnerability in multiple products The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. | 8.1 |
| 2019-02-12 | CVE-2019-5596 | Unspecified vulnerability in Freebsd 11.2/12.0 In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to gain root privileges or escape from a jail. | 7.2 |
| 2019-01-03 | CVE-2018-17161 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd 11.2/12.0 In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r342228), and 12.0-RELEASE-p1, insufficient validation of network-provided data in bootpd may make it possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow. | 7.5 |
| 2018-12-04 | CVE-2018-17159 | Resource Exhaustion vulnerability in Freebsd In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS server lacks a bounds check in the READDIRPLUS NFS request. | 7.8 |
| 2018-12-04 | CVE-2018-17158 | Integer Overflow or Wraparound vulnerability in Freebsd In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error can occur when handling the client address length field in an NFSv4 request. | 7.8 |
| 2018-09-12 | CVE-2017-1085 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() to increase RLIMIT_STACK may turn a read-only memory region below the stack into a read-write region. | 7.2 |
| 2018-09-12 | CVE-2017-1084 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd In FreeBSD before 11.2-RELEASE, multiple issues with the implementation of the stack guard-page reduce the protections afforded by the guard-page. | 7.8 |
| 2018-09-12 | CVE-2017-1083 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is disabled by default. | 7.8 |