Vulnerabilities > Freebsd > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-04 | CVE-2018-6917 | Integer Overflow or Wraparound vulnerability in Freebsd In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. | 7.5 |
| 2018-02-05 | CVE-2015-1418 | Information Exposure vulnerability in Freebsd 10.1/10.2 The do_ed_script function in pch.c in GNU patch through 2.7.6, and patch in FreeBSD 10.1 before 10.1-RELEASE-p17, 10.2 before 10.2-BETA2-p3, 10.2-RC1 before 10.2-RC1-p2, and 0.2-RC2 before 10.2-RC2-p1, allows remote attackers to execute arbitrary commands via a crafted patch file, because a '!' character can be passed to the ed program. | 7.8 |
| 2018-02-05 | CVE-2015-1416 | Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.0/10.1/10.2 Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file. | 7.8 |
| 2017-11-16 | CVE-2017-1087 | Path Traversal vulnerability in Freebsd In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. | 7.8 |
| 2017-10-17 | CVE-2017-13082 | Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. | 8.1 |
| 2017-10-10 | CVE-2015-5675 | Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.1/9.3 The sys_amd64 IRET Handler in the kernel in FreeBSD 9.3 and 10.1 allows local users to gain privileges or cause a denial of service (kernel panic). | 7.8 |
| 2017-10-05 | CVE-2017-15037 | Out-of-bounds Read vulnerability in Freebsd In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' character. | 8.1 |
| 2017-07-25 | CVE-2015-1417 | Resource Exhaustion vulnerability in Freebsd The inet module in FreeBSD 10.2x before 10.2-PRERELEASE, 10.2-BETA2-p2, 10.2-RC1-p1, 10.1x before 10.1-RELEASE-p16, 9.x before 9.3-STABLE, 9.3-RELEASE-p21, and 8.x before 8.4-STABLE, 8.4-RELEASE-p35 on systems with VNET enabled and at least 16 VNET instances allows remote attackers to cause a denial of service (mbuf consumption) via multiple concurrent TCP connections. | 7.5 |
| 2017-07-13 | CVE-2017-11103 | Insufficient Verification of Data Authenticity vulnerability in multiple products Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. | 8.1 |
| 2017-02-15 | CVE-2016-1889 | Integer Overflow or Wraparound vulnerability in Freebsd Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device descriptor. | 7.8 |