Vulnerabilities > Freebsd > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-13 | CVE-2020-7455 | Missing Release of Resource after Effective Lifetime vulnerability in Freebsd 11.3/11.4/12.1 In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel (for kernel NAT) or natd process space (for userspace natd). | 5.5 |
| 2020-04-29 | CVE-2020-7453 | Improper Check for Unusual or Exceptional Conditions vulnerability in Freebsd 11.3/12.1 In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r359020, and 11.3-RELEASE before 11.3-RELEASE-p7, a missing null termination check in the jail_set configuration option "osrelease" may return more bytes with a subsequent jail_get system call allowing a malicious jail superuser with permission to create nested jails to read kernel memory. | 6.0 |
| 2020-04-28 | CVE-2020-7451 | Use of Uninitialized Resource vulnerability in Freebsd 11.3/12.1 In FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740, and 11.3-RELEASE before 11.3-RELEASE-p7, a TCP SYN-ACK or challenge TCP-ACK segment over IPv6 that is transmitted or retransmitted does not properly initialize the Traffic Class field disclosing one byte of kernel memory over the network. | 5.3 |
| 2020-04-28 | CVE-2019-15877 | Missing Authorization vulnerability in Freebsd 12.1 In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory. | 5.5 |
| 2020-04-28 | CVE-2019-15876 | Missing Authorization vulnerability in Freebsd 11.3/12.1 In FreeBSD 12.1-STABLE before r356089, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r356090, and 11.3-RELEASE before 11.3-RELEASE-p7, driver specific ioctl command handlers in the oce network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to send passthrough commands to the device firmware. | 5.5 |
| 2020-02-20 | CVE-2015-2923 | Improper Input Validation vulnerability in Freebsd The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message. | 6.5 |
| 2019-07-26 | CVE-2019-5605 | Improper Initialization vulnerability in Freebsd 11.0/11.2/11.3 In FreeBSD 11.3-STABLE before r350217, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, due to insufficient initialization of memory copied to userland in the freebsd32_ioctl interface, small amounts of kernel memory may be disclosed to userland processes. | 6.5 |
| 2019-07-03 | CVE-2019-5601 | Information Exposure vulnerability in Freebsd 11.2/12.0 In FreeBSD 12.0-STABLE before r347474, 12.0-RELEASE before 12.0-RELEASE-p7, 11.2-STABLE before r347475, and 11.2-RELEASE before 11.2-RELEASE-p11, a bug in the FFS implementation causes up to three bytes of kernel stack memory to be written to disk as uninitialized directory entry padding. | 6.5 |
| 2019-04-17 | CVE-2019-9494 | Information Exposure Through Discrepancy vulnerability in multiple products The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. | 5.9 |
| 2019-02-12 | CVE-2019-5595 | Incomplete Cleanup vulnerability in Freebsd 11.2/12.0 In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r343781), and 12.0-RELEASE-p3, kernel callee-save registers are not properly sanitized before return from system calls, potentially allowing some kernel data used in the system call to be exposed. | 5.5 |