Vulnerabilities > Freebsd > High

DATE CVE VULNERABILITY TITLE RISK
2017-10-05 CVE-2017-15037 Out-of-bounds Read vulnerability in Freebsd
In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' character.
network
high complexity
freebsd CWE-125
8.1
2017-07-25 CVE-2015-1417 Resource Exhaustion vulnerability in Freebsd
The inet module in FreeBSD 10.2x before 10.2-PRERELEASE, 10.2-BETA2-p2, 10.2-RC1-p1, 10.1x before 10.1-RELEASE-p16, 9.x before 9.3-STABLE, 9.3-RELEASE-p21, and 8.x before 8.4-STABLE, 8.4-RELEASE-p35 on systems with VNET enabled and at least 16 VNET instances allows remote attackers to cause a denial of service (mbuf consumption) via multiple concurrent TCP connections.
network
low complexity
freebsd CWE-400
7.5
2017-07-13 CVE-2017-11103 Insufficient Verification of Data Authenticity vulnerability in multiple products
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification.
network
high complexity
heimdal-project freebsd samba apple debian CWE-345
8.1
2017-02-15 CVE-2016-1889 Integer Overflow or Wraparound vulnerability in Freebsd
Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device descriptor.
local
low complexity
freebsd CWE-190
7.8
2017-02-15 CVE-2016-1888 Improper Authentication vulnerability in Freebsd
The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote attackers to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation failures."
network
low complexity
freebsd CWE-287
7.5
2017-02-15 CVE-2016-1883 Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.1/10.2/9.3
The issetugid system call in the Linux compatibility layer in FreeBSD 9.3, 10.1, and 10.2 allows local users to gain privilege via unspecified vectors.
local
low complexity
freebsd CWE-264
7.8
2017-02-15 CVE-2016-1881 Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.1/10.2/9.3
The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause a denial of service (crash) or potentially gain privilege via a crafted Linux compatibility layer setgroups system call.
local
low complexity
freebsd CWE-264
7.8
2017-02-15 CVE-2016-1880 Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.1/10.2/9.3
The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "handling of Linux futex robust lists."
local
low complexity
freebsd CWE-264
7.8
2016-08-07 CVE-2016-5766 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.
network
low complexity
redhat freebsd libgd fedoraproject debian CWE-190
8.8
2016-05-25 CVE-2016-1887 Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.1/10.2/10.3
Integer signedness error in the sockargs function in sys/kern/uipc_syscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service (memory overwrite and kernel panic) or gain privileges via a negative buflen argument, which triggers a heap-based buffer overflow.
local
low complexity
freebsd CWE-264
7.8