CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-1889
https://notcve.org/view.php?id=CVE-2016-1889
15 Feb 2017 — Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device descriptor. Desbordamiento de entero en el bhyve hypervisor en FreeBSD 10.1, 10.2, 10.3 y 11.0 cuando se configura con una gran cantidad de memoria huésped, permite a usuarios locales obtener privilegios a través del descriptor de un dispositivo manipulado. • http://www.securitytracker.com/id/1037400 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 14%CPEs: 62EXPL: 2CVE-2016-5766 – gd: Integer overflow in _gd2GetHeader() resulting in heap overflow
https://notcve.org/view.php?id=CVE-2016-5766
26 Jun 2016 — Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image. Desbordamiento de entero en la función _gd2GetHeader en gd_gd2.c en la GD Graphics Library (también conocido como libgd) en versiones anter... • http://github.com/php/php-src/commit/7722455726bec8c53458a32851d2a87982cf0eac?w=1 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2CVE-2016-1886 – FreeBSD Kernel (FreeBSD 10.2 < 10.3 x64) - 'SETFKEY' (PoC)
https://notcve.org/view.php?id=CVE-2016-1886
18 May 2016 — Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory overwrite and kernel crash), or gain privileges via a negative value in the flen structure member in the arg argument in a SETFKEY ioctl call, which triggers a "two way heap and stack overflow." Error de entero sin signo en la función genkbd_comm... • https://www.exploit-db.com/exploits/44211 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 2CVE-2016-1887 – FreeBSD Kernel (FreeBSD 10.2 x64) - 'sendmsg' Kernel Heap Overflow (PoC)
https://notcve.org/view.php?id=CVE-2016-1887
18 May 2016 — Integer signedness error in the sockargs function in sys/kern/uipc_syscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service (memory overwrite and kernel panic) or gain privileges via a negative buflen argument, which triggers a heap-based buffer overflow. Error de entero sin signo en la función sockargs en sys/kern/uipc_syscalls.c en FreeBSD 10.1 en versiones anteriores a p34, 10.2 en versiones anteriores a p17 y 10.3 en versiones anteriores ... • https://www.exploit-db.com/exploits/44212 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.3EPSS: 0%CPEs: 125EXPL: 0CVE-2016-2518 – ntp: out-of-bounds references on crafted packet
https://notcve.org/view.php?id=CVE-2016-2518
02 May 2016 — The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value. La función MATCH_ASSOC en NTP en versiones anteriores 4.2.8p9 y 4.3.x en versiones anteriores a 4.3.92 permite a atacantes remotos provocar una referencia fuera de los límites a través de una solicitud addpeer con un valor hmode grande. An out-of-bounds access flaw was found in the way ntpd processed certain packets. An au... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html • CWE-125: Out-of-bounds Read •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 3CVE-2016-1885 – FreeBSD 10.2 (x64) - 'amd64_set_ldt' Heap Overflow
https://notcve.org/view.php?id=CVE-2016-1885
17 Mar 2016 — Integer signedness error in the amd64_set_ldt function in sys/amd64/amd64/sys_machdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service (kernel panic) via an i386_set_ldt system call, which triggers a heap-based buffer overflow. Error de entero sin signo en la función amd64_set_ldt en sys/amd64/amd64/sys_machdep.c en FreeBSD 9.3 en versiones anteriores a p39, 10.1 en versiones anteriores a p31 y 10.2 en versiones anteriores a p14 permite a usua... • https://packetstorm.news/files/id/136276 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 11%CPEs: 91EXPL: 0CVE-2015-7977 – ntp: restriction list NULL pointer dereference
https://notcve.org/view.php?id=CVE-2015-7977
25 Feb 2016 — ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. ntpd en NTP en versiones anteriores a 4.2.8p6 y 4.3.x en versiones anteriores a 4.3.90 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL) mediante un comando ntpdc reslist. A NULL pointer dereference flaw was found in the way ntpd processed 'ntpdc reslist' commands that queried restriction lists with a large a... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1883 – FreeBSD Security Advisory - FreeBSD-SA-16:10.linux
https://notcve.org/view.php?id=CVE-2016-1883
27 Jan 2016 — The issetugid system call in the Linux compatibility layer in FreeBSD 9.3, 10.1, and 10.2 allows local users to gain privilege via unspecified vectors. La llamada de sistema issetugid en la capa de compatibilidad de Linux en FreeBSD 9.3, 10.1 y 10.2 permite a usuarios locales obtener privilegios a través de vectores no especificados. A programming error in the Linux compatibility layer could cause the issetugid(2) system call to return incorrect information. If an application relies on output of the issetug... • http://www.securitytracker.com/id/1034872 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 7%CPEs: 81EXPL: 0CVE-2015-7973 – HPE Security Bulletin HPESBHF03750 1
https://notcve.org/view.php?id=CVE-2015-7973
27 Jan 2016 — NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network. NTP en versiones anteriores a 4.2.8p6 y 4.3.x en versiones anteriores a 4.3.90, cuando está configurado en modo de difusión, permite a atacantes man-in-the-middle realizar ataques de repetición rastreando la red. Aanchal Malhotra discovered that NTP incorrectly handled authenticated broadcast mode. A remote attacker could use this issue to perfo... • http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html • CWE-254: 7PK - Security Features •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2015-5677 – FreeBSD bsnmpd Information Disclosure
https://notcve.org/view.php?id=CVE-2015-5677
15 Jan 2016 — bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config file, which allows local users to obtain the secret key for USM authentication by reading the file. bsnmpd, como se utiliza en FreeBSD 9.3, 10.1 y 10.2, utiliza permisos de lectura universal en el archivo snmpd.config, lo que permite a usuarios locales obtener la clave secreta para autenticación USM leyendo el archivo. The SNMP protocol supports an authentication model called USM, which relies on a shared sec... • https://packetstorm.news/files/id/135296 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •