CVSS: 5.3EPSS: 1%CPEs: 10EXPL: 0CVE-2020-7451
https://notcve.org/view.php?id=CVE-2020-7451
28 Apr 2020 — In FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740, and 11.3-RELEASE before 11.3-RELEASE-p7, a TCP SYN-ACK or challenge TCP-ACK segment over IPv6 that is transmitted or retransmitted does not properly initialize the Traffic Class field disclosing one byte of kernel memory over the network. En FreeBSD versiones 12.1-2.1-STABLE anteriores a r358739, versiones 12.1-RELEASE anteriores a 12.1-RELEASE-p3, versiones 11.3-STABLE anteriores a r358740, y versiones 1... • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:04.tcp.asc • CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2019-15876
https://notcve.org/view.php?id=CVE-2019-15876
28 Apr 2020 — In FreeBSD 12.1-STABLE before r356089, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r356090, and 11.3-RELEASE before 11.3-RELEASE-p7, driver specific ioctl command handlers in the oce network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to send passthrough commands to the device firmware. En FreeBSD versiones 12.1-STABLE anteriores a r356089, versiones 12.1-RELEASE anteriores a 12.1-RELEASE-p3, versiones 11.3-STABLE anteriores a r356090 y version... • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:05.if_oce_ioctl.asc • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-10565
https://notcve.org/view.php?id=CVE-2020-10565
14 Mar 2020 — grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command (read_* or write_*) by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhyve process, resulting in code execution as root on the host OS. grub2-bhyve, como es usado en FreeBSD bhyve anterior a revisión 525916 12-02-2020, no comprueba la dirección proporcionada como parte de un coman... • https://svnweb.freebsd.org/ports?view=revision&revision=525916 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-10566
https://notcve.org/view.php?id=CVE-2020-10566
14 Mar 2020 — grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, mishandles font loading by a guest through a grub2.cfg file, leading to a buffer overflow. grub2-bhyve, como es usado en FreeBSD bhyve anterior a revisión 525916 12-02-2020, maneja inapropiadamente una carga de fuentes por parte de un invitado mediante un archivo grub2.cfg, conllevando a un desbordamiento de búfer. • https://svnweb.freebsd.org/ports?view=revision&revision=525916 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 3.3EPSS: 0%CPEs: 20EXPL: 0CVE-2019-15875 – FreeBSD Security Advisory - FreeBSD-SA-20:03.thrmisc
https://notcve.org/view.php?id=CVE-2019-15875
28 Jan 2020 — In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r354735, and 11.3-RELEASE before 11.3-RELEASE-p6, due to incorrect initialization of a stack data structure, core dump files may contain up to 20 bytes of kernel data previously stored on the stack. En FreeBSD versiones 12.1-STABLE anteriores a r354734, versiones 12.1-RELEASE anteriores a 12.1-RELEASE-p2, versiones 12.0-RELEASE anteriores a 12.0-RELEASE-p13, versiones 11.3-STA... • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:03.thrmisc.asc • CWE-665: Improper Initialization •
CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-7450 – FreeBSD Security Advisory - FreeBSD-SA-20:01.libfetch
https://notcve.org/view.php?id=CVE-2020-7450
28 Jan 2020 — In FreeBSD 12.1-STABLE before r357213, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r357214, and 11.3-RELEASE before 11.3-RELEASE-p6, URL handling in libfetch with URLs containing username and/or password components is vulnerable to a heap buffer overflow allowing program misbehavior or malicious code execution. En FreeBSD versiones 12.1-STABLE anteriores a r357213, versiones 12.1-RELEASE versiones anteriores a 12.1-RELEASE-p2, versiones 12.0-RELEASE anterior... • https://security.FreeBSD.org/advisories/FreeBSD-SA-20:01.libfetch.asc • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 4%CPEs: 25EXPL: 2CVE-2019-5611 – FreeBSD Security Advisory - FreeBSD-SA-19:22.mbuf
https://notcve.org/view.php?id=CVE-2019-5611
21 Aug 2019 — In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguous. Extra checks in the IPv6 stack could catch the error condition and trigger a kernel panic, leading to a remote denial of service. En FreeBSD versión 12.0-STABLE anterior a r350828, versión 12.0-RELEASE anterior a... • http://packetstormsecurity.com/files/154170/FreeBSD-Security-Advisory-FreeBSD-SA-19-22.mbuf.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2019-5612 – FreeBSD Security Advisory - FreeBSD-SA-19:23.midi
https://notcve.org/view.php?id=CVE-2019-5612
21 Aug 2019 — In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A multi-threaded program can exploit races in the handler to copy out kernel memory outside the boundaries of midistat's data buffer. En FreeBSD versión 12.0-STABLE anterior a r351264, versión 12.0-RELEASE anterior a 12.0-RELEASE-p10, versió... • https://security.FreeBSD.org/advisories/FreeBSD-SA-19:23.midi.asc • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 4%CPEs: 25EXPL: 0CVE-2019-5608 – FreeBSD Security Advisory - FreeBSD-SA-19:19.mldv2
https://notcve.org/view.php?id=CVE-2019-5608
06 Aug 2019 — In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented across multiple mbufs. A remote attacker may be able to cause an out-of-bounds read or write that may cause the kernel to attempt to access an unmapped page and subsequently panic. En FreeBSD versión 12.0-STABLE anterio... • https://security.FreeBSD.org/advisories/FreeBSD-SA-19:19.mldv2.asc • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2019-5609 – FreeBSD Security Advisory - FreeBSD-SA-19:21.bhyve
https://notcve.org/view.php?id=CVE-2019-5609
06 Aug 2019 — In FreeBSD 12.0-STABLE before r350619, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350619, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bhyve e1000 device emulation used a guest-provided value to determine the size of the on-stack buffer without validation when TCP segmentation offload is requested for a transmitted packet. A misbehaving bhyve guest could overwrite memory in the bhyve process on the host. En FreeBSD versiones 12.0-STABLE anteriores a r35061... • https://security.FreeBSD.org/advisories/FreeBSD-SA-19:21.bhyve.asc • CWE-787: Out-of-bounds Write •