CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-24385
https://notcve.org/view.php?id=CVE-2020-24385
03 Sep 2020 — In MidnightBSD before 1.2.6 and 1.3 before August 2020, and FreeBSD before 7, a NULL pointer dereference was found in the Linux emulation layer that allows attackers to crash the running kernel. During binary interaction, td->td_emuldata in sys/compat/linux/linux_emul.h is not getting initialized and returns NULL from em_find(). En MidnightBSD versiones anteriores a 1.2.6 y versiones 1.3 anteriores a Agosto de 2020, y FreeBSD versiones anteriores a 7, se encontró una desreferencia del puntero NULL en la cap... • http://www.midnightbsd.org/security/adv/MIDNIGHTBSD-SA-20:02.txt • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2020-24863
https://notcve.org/view.php?id=CVE-2020-24863
03 Sep 2020 — A memory corruption vulnerability was found in the kernel function kern_getfsstat in MidnightBSD before 1.2.7 and 1.3 through 2020-08-19, and FreeBSD through 11.4, that allows an attacker to trigger an invalid free and crash the system via a crafted size value in conjunction with an invalid mode. Se encontró una vulnerabilidad de corrupción de memoria en la función del kernel kern_getfsstat en MidnightBSD versiones anteriores a 1.2.7 y versiones 1.3 hasta el19-08-2020, y FreeBSD versiones hasta 11.4, que pe... • http://www.midnightbsd.org/security/adv/MIDNIGHTBSD-SA-20:01.txt • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 12%CPEs: 7EXPL: 3CVE-2009-0687 – Multiple Vendor - PF Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2009-0687
11 Aug 2009 — The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload. La función pf_test_rule de OpenBSD Packet Filter (PF), tal como es usada en OpenBSD v4.2 hasta v4.5, NetBSD v5.0 anterior a RC3, MirOS v10 y anteriores ... • https://www.exploit-db.com/exploits/8581 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 2049EXPL: 1CVE-2008-4609
https://notcve.org/view.php?id=CVE-2008-4609
20 Oct 2008 — The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. La implementación del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, p... • https://github.com/mrclki/sockstress • CWE-16: Configuration •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2006-6013
https://notcve.org/view.php?id=CVE-2006-6013
21 Nov 2006 — Integer signedness error in the fw_ioctl (FW_IOCTL) function in the FireWire (IEEE-1394) drivers (dev/firewire/fwdev.c) in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows local users to read arbitrary memory contents via certain negative values of crom_buf->len in an FW_GCROM command. NOTE: this issue has been labeled as an integer overflow, but it is more like an integer signe... • http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0261.html •