Vulnerabilities > Freebsd > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-02-04 CVE-2018-1000998 Cross-site Scripting vulnerability in Freebsd Cvsweb 2.0.4/2.0.5/2.0.6
FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only.
network
low complexity
freebsd CWE-79
6.1
2019-01-31 CVE-2019-6111 Path Traversal vulnerability in multiple products
An issue was discovered in OpenSSH 7.9.
5.9
2018-11-28 CVE-2018-17156 Out-of-bounds Write vulnerability in Freebsd
In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to incorrectly accounting for padding on 64-bit platforms, a buffer underwrite could occur when constructing an ICMP reply packet when using a non-standard value for the net.inet.icmp.quotelen sysctl.
network
high complexity
freebsd CWE-787
5.9
2018-09-28 CVE-2018-6925 NULL Pointer Dereference vulnerability in Freebsd
In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be able to cause a NULL pointer dereference causing the kernel to crash.
local
low complexity
freebsd CWE-476
5.5
2018-09-28 CVE-2018-17155 Information Exposure vulnerability in Freebsd
In FreeBSD before 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338984), and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls, small amounts of kernel memory may be disclosed to userland processes.
local
low complexity
freebsd CWE-200
5.5
2018-09-28 CVE-2018-17154 NULL Pointer Dereference vulnerability in Freebsd
In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELEASE-p15, due to insufficient memory checking in the freebsd4_getfsstat system call, a NULL pointer dereference can occur.
local
low complexity
freebsd CWE-476
5.5
2018-08-09 CVE-2018-6922 Resource Exhaustion vulnerability in Freebsd 10.4/11.1/11.2
One of the data structures that holds TCP segments in all versions of FreeBSD prior to 11.2-RELEASE-p1, 11.1-RELEASE-p12, and 10.4-RELEASE-p10 uses an inefficient algorithm to reassemble the data.
network
low complexity
freebsd CWE-400
5.3
2018-06-21 CVE-2018-3665 Information Exposure vulnerability in multiple products
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
5.6
2018-06-04 CVE-2016-9042 Improper Input Validation vulnerability in multiple products
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9.
network
high complexity
ntp freebsd hpe siemens CWE-20
5.9
2018-05-08 CVE-2018-6921 Information Exposure vulnerability in Freebsd 11.0/11.1
In FreeBSD before 11.1-STABLE(r332066) and 11.1-RELEASE-p10, due to insufficient initialization of memory copied to userland in the network subsystem, small amounts of kernel memory may be disclosed to userland processes.
local
low complexity
freebsd CWE-200
5.5