This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Freebsd First view 1990-05-09
Product Freebsd Last view 2024-09-05
Version Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:* 144
cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:* 140
cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:* 140
cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:* 136
cpe:2.3:o:freebsd:freebsd:4.3:-:*:*:*:*:*:* 132
cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:* 131
cpe:2.3:o:freebsd:freebsd:3.3:-:*:*:*:*:*:* 131
cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:* 130
cpe:2.3:o:freebsd:freebsd:4.4:-:*:*:*:*:*:* 129
cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:* 128
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:* 128
cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:* 127
cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:* 126
cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:* 125
cpe:2.3:o:freebsd:freebsd:5.0:-:*:*:*:*:*:* 124
cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:* 124
cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:* 123
cpe:2.3:o:freebsd:freebsd:4.5:-:*:*:*:*:*:* 122
cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:* 122
cpe:2.3:o:freebsd:freebsd:4.6:-:*:*:*:*:*:* 122
cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:* 122
cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:* 122
cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:* 119
cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:* 118
cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:* 116
cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:* 116
cpe:2.3:o:freebsd:freebsd:4.7:-:*:*:*:*:*:* 116
cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:* 115
cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:* 115
cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:* 115
cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:* 115
cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:* 114
cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:* 114
cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:* 114
cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:* 114
cpe:2.3:o:freebsd:freebsd:4.8:-:*:*:*:*:*:* 113
cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:* 113
cpe:2.3:o:freebsd:freebsd:-:*:*:*:*:*:*:* 112
cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:* 112
cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:* 112
cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:* 112
cpe:2.3:o:freebsd:freebsd:5.1:-:*:*:*:*:*:* 112
cpe:2.3:o:freebsd:freebsd:5.2:-:*:*:*:*:*:* 111
cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:* 111
cpe:2.3:o:freebsd:freebsd:4.9:-:*:*:*:*:*:* 111
cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:* 110
cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:* 108
cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:* 108
cpe:2.3:o:freebsd:freebsd:1.2:*:*:*:*:*:*:* 108
cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:* 108

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.8 2024-09-05 CVE-2024-8178

The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace, without initializing it.

Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host.

7.5 2024-09-05 CVE-2024-45287

A malicious value of size in a structure of packed libnv can cause an integer overflow, leading to the allocation of a smaller buffer than required for the parsed data.

8.8 2024-09-05 CVE-2024-45063

The function ctl_write_buffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing.

Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host.

8.8 2024-09-05 CVE-2024-43110

The ctl_request_sense function could expose up to three bytes of the kernel heap to userspace.

Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host.

10 2024-09-05 CVE-2024-43102

Concurrent removals of certain anonymous shared memory mappings by using the UMTX_SHM_DESTROY sub-request of UMTX_OP_SHM can lead to decreasing the reference count of the object representing the mapping too many times, causing it to be freed too early.

A malicious code exercizing the UMTX_SHM_DESTROY sub-request in parallel can panic the kernel or enable further Use-After-Free attacks, potentially including code execution or Capsicum sandbox escape.

8.8 2024-09-05 CVE-2024-42416

The ctl_report_supported_opcodes function did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel help memory.

Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host.

8.2 2024-09-05 CVE-2024-32668

An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller.

A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process.

8.1 2024-08-12 CVE-2024-7589

A signal handler in sshd(8) may call a logging function that is not async-signal-safe. The signal handler is invoked when a client does not authenticate within the LoginGraceTime seconds (120 by default). This signal handler executes in the context of the sshd(8)'s privileged code, which is not sandboxed and runs with full root privileges.

This issue is another instance of the problem in CVE-2024-6387 addressed by FreeBSD-SA-24:04.openssh. The faulty code in this case is from the integration of blacklistd in OpenSSH in FreeBSD.

As a result of calling functions that are not async-signal-safe in the privileged sshd(8) context, a race condition exists that a determined attacker may be able to exploit to allow an unauthenticated remote code execution as root.

7.5 2024-08-12 CVE-2024-6760

A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs.

The bug may be used by an unprivileged user to read the contents of files to which they would not otherwise have access, such as the local password database.

5.3 2024-08-12 CVE-2024-6759

When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, "/". This allows readdir(3) and related functions to return filesystem entries with names containing additional path components.

The lack of validation described above gives rise to a confused deputy problem. For example, a program copying files from an NFS mount could be tricked into copying from outside the intended source directory, and/or to a location outside the intended destination directory.

8.1 2024-07-01 CVE-2024-6387

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

0 2024-04-11 CVE-2024-29937

NFS in a BSD derived codebase, as used in OpenBSD through 7.4 and FreeBSD through 14.0-RELEASE, allows remote attackers to execute arbitrary code via a bug that is unrelated to memory corruption.

0 2024-02-15 CVE-2024-25941

The jail(2) system call has not limited a visiblity of allocated TTYs (the kern.ttys sysctl). This gives rise to an information leak about processes outside the current jail.

Attacker can get information about TTYs allocated on the host or in other jails. Effectively, the information printed by "pstat -t" may be leaked.

0 2024-02-15 CVE-2024-25940

`bhyveload -h ` may be used to grant loader access to the directory tree on the host. Affected versions of bhyveload(8) do not make any attempt to restrict loader's access to , allowing the loader to read any file the host user has access to. In the bhyveload(8) model, the host supplies a userboot.so to boot with, but the loader scripts generally come from the guest image. A maliciously crafted script could be used to exfiltrate sensitive data from the host accessible to the user running bhyhveload(8), which is often the system root.

0 2024-02-15 CVE-2022-23093

ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has an IP header and an ICMP header.

The pr_pack() copies received IP and ICMP headers into stack buffers for further processing. In so doing, it fails to take into account the possible presence of IP option headers following the IP header in either the response or the quoted packet. When IP options are present, pr_pack() overflows the destination buffer by up to 40 bytes.

The memory safety bugs described above can be triggered by a remote host, causing the ping program to crash.

The ping process runs in a capability mode sandbox on all affected versions of FreeBSD and is thus very constrained in how it can interact with the rest of the system at the point where the bug can occur.

0 2024-02-15 CVE-2022-23092

The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory.

The bug can be triggered by a malicious bhyve guest kernel to overwrite memory in the bhyve(8) process. This could potentially lead to user-mode code execution on the host, subject to bhyve's Capsicum sandbox.

0 2024-02-15 CVE-2022-23091

A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause.

An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to other processes or the kernel.

0 2024-02-15 CVE-2022-23090

The aio_aqueue function, used by the lio_listio system call, fails to release a reference to a credential in an error case.

An attacker may cause the reference count to overflow, leading to a use after free (UAF).

0 2024-02-15 CVE-2022-23089

When dumping core and saving process information, proc_getargv() might return an sbuf which have a sbuf_len() of 0 or -1, which is not properly handled.

An out-of-bound read can happen when user constructs a specially crafted ps_string, which in turn can cause the kernel to crash.

0 2024-02-15 CVE-2022-23088

The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer.

While a FreeBSD Wi-Fi client is in scanning mode (i.e., not associated with a SSID) a malicious beacon frame may overwrite kernel memory, leading to remote code execution.

8.8 2024-02-15 CVE-2022-23087

The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload ("TSO"). The e1000 device model uses an on-stack buffer to generate the modified packet header when simulating these modifications on transmitted packets.

When checksum offload is requested for a transmitted packet, the e1000 device model used a guest-provided value to specify the checksum offset in the on-stack buffer. The offset was not validated for certain packet types.

A misbehaving bhyve guest could overwrite memory in the bhyve process on the host, possibly leading to code execution in the host context.

The bhyve process runs in a Capsicum sandbox, which (depending on the FreeBSD version and bhyve configuration) limits the impact of exploiting this issue.

7.8 2024-02-15 CVE-2022-23086

Handlers for *_CFG_PAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer of a caller-specified size, but copied to it a fixed size header. Other heap content would be overwritten if the specified size was too small.

Users with access to the mpr, mps or mpt device node may overwrite heap data, potentially resulting in privilege escalation. Note that the device node is only accessible to root and members of the operator group.

8.2 2024-02-15 CVE-2022-23085

A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption.

On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.

7.5 2024-02-15 CVE-2022-23084

The total size of the user-provided nmreq to nmreq_copyin() was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption.

On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.

5.3 2023-12-24 CVE-2023-51765

sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features.

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
10% (28) CWE-20 Improper Input Validation
9% (27) CWE-264 Permissions, Privileges, and Access Controls
9% (25) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
7% (21) CWE-200 Information Exposure
6% (19) CWE-787 Out-of-bounds Write
4% (12) CWE-416 Use After Free
4% (12) CWE-362 Race Condition
4% (12) CWE-189 Numeric Errors
4% (11) CWE-399 Resource Management Errors
4% (11) CWE-330 Use of Insufficiently Random Values
3% (9) CWE-190 Integer Overflow or Wraparound
2% (8) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
2% (7) CWE-476 NULL Pointer Dereference
2% (7) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
2% (7) CWE-125 Out-of-bounds Read
1% (5) CWE-287 Improper Authentication
1% (4) CWE-665 Improper Initialization
1% (4) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (3) CWE-345 Insufficient Verification of Data Authenticity
1% (3) CWE-203 Information Exposure Through Discrepancy
0% (2) CWE-772 Missing Release of Resource after Effective Lifetime
0% (2) CWE-770 Allocation of Resources Without Limits or Throttling
0% (2) CWE-667 Insufficient Locking
0% (2) CWE-415 Double Free
0% (2) CWE-404 Improper Resource Shutdown or Release

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Name
CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-13 Subverting Environment Variable Values
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-17 Accessing, Modifying or Executing Executable Files
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-25 Forced Deadlock
CAPEC-26 Leveraging Race Conditions
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC-30 Hijacking a Privileged Thread of Execution
CAPEC-39 Manipulating Opaque Client-based Data Tokens
CAPEC-42 MIME Conversion
CAPEC-44 Overflow Binary Resource File
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-51 Poison Web Service Registry
CAPEC-58 Restful Privilege Elevation
CAPEC-59 Session Credential Falsification through Prediction
CAPEC-60 Reusing Session IDs (aka Session Replay)
CAPEC-63 Simple Script Injection
CAPEC-67 String Format Overflow in syslog()

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:5931 The vacation program erroneously passes parameters to sendmail.
oval:org.mitre.oval:def:10888 cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating sys...
oval:org.mitre.oval:def:1828 Buffer Overflow in "in.telnetd"or "telnetd"Process
oval:org.mitre.oval:def:9 Solaris 8 RPC xdr_array Buffer Overflow
oval:org.mitre.oval:def:4728 SunRPC xdr_array Function Integer Overflow
oval:org.mitre.oval:def:42 Solaris 7 RPC xdr_array Buffer Overflow
oval:org.mitre.oval:def:2539 BIND SIG Resource Records Buffer Overflow
oval:org.mitre.oval:def:449 Bind OPT Resource Record DoS Vulnerability
oval:org.mitre.oval:def:2094 BIND DoS via SIG RR Elements
oval:org.mitre.oval:def:2665 Data Leak in NIC
oval:org.mitre.oval:def:28706 Critical Patch Update January 2015
oval:org.mitre.oval:def:230 xdrmem_bytes() Integer Overflow Vulnerability
oval:org.mitre.oval:def:1970 Off-by-one Error in fb_realpath()
oval:org.mitre.oval:def:597 Denial of Service in Sendmail via the enhdnsbl Feature
oval:org.mitre.oval:def:603 Sendmail BO in prescan Function
oval:org.mitre.oval:def:572 Sendmail BO in Prescan Function
oval:org.mitre.oval:def:2975 Sendmail prescan function Buffer Overflow
oval:org.mitre.oval:def:2011 ISC BIND Cache Poison Denial Of Service
oval:org.mitre.oval:def:9779 The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to...
oval:org.mitre.oval:def:975 Red Hat OpenSSL do_change_cipher_spec Function Denial of Service
oval:org.mitre.oval:def:870 Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service
oval:org.mitre.oval:def:5770 Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability
oval:org.mitre.oval:def:2621 OpenSSL Denial of Service Vulnerabilities
oval:org.mitre.oval:def:902 Red Hat OpenSSL Improper Unknown Message Handling Vulnerability
oval:org.mitre.oval:def:871 Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability

SAINT Exploits

Description Link
Telnetd Encryption Key ID Code Execution More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78020 FreeBSD telnetd Multiple telnet/libtelnet/encrypt.c encrypt_keyid() Function ...
76945 OpenPAM Pam Services Traversal Local Privilege Escalation
75788 FreeBSD UNIX Domain Socket sys/kern/uipc_usrreq.c uipc_bind() Function Local ...
75249 OpenSSH sftp-glob.c remote_glob Function Glob Expression Parsing Remote DoS
75248 OpenSSH sftp.c process_put Function Glob Expression Parsing Remote DoS
75011 crontab crontab.c Temporary File Symlink Arbitrary MD5 Hash Comparison
75010 crontab crontab.c realpath() Temporary File Symlink Directory Enumeration
75009 crontab crontab.c stat() Call Temporary File Symlink Arbitrary File Enumeration
75007 libc glob Expression Pathname Matching Remote DoS (2010-4754)
74934 KAME IPSEC Implementations Spoofed ESP Packet DoS
74927 X.Org libXfont src/fontfile/decompress.c BufCompressedFill() Function LZW Dec...
73388 Multiple Vendor libc Implentation fnmatch.c Memory Consumption DoS
73383 Apache HTTP Server Portable Runtime (APR) Library apr_fnmatch() Infinite Loop...
72130 FreeBSD mountd mountd.c makemask Function NFS Mount Request Access Restrictio...
68313 FreeBSD pseudofs pfs_getattr() Function NULL Dereference Local Privilege Esca...
68291 NetBSD Kernel netsmb Module smb_subr.c /dev/nsmb IOCTL Operation Integer Sign...
67346 Multiple Unix Vendor rpc.pcnfsd pr_init() Symlink Arbitrary File Permission M...
67330 Coda Filesystem Kernel Module IOCTL ViceIoctl Struct Local Memory Disclosure
66316 FreeBSD Read-only Flag Copy Weakness Duplicate mbuf Buffer Reference Sendfile...
65152 FreeBSD jail(8) Descendant Process CWD Escape Arbitrary File Access
65036 FreeBSD nfsclient nfs_vfsops.c nfs_mount() Function File Handle Buffer Mounti...
64949 OPIE readrec.c __opiereadrec() Off-by-One Remote Code Execution
63646 J Programming Language libc dtoa Implementation Floating Point Parsing Memory...
63641 Matlab libc dtoa Implementation Floating Point Parsing Memory Corruption
63639 Apple Mac OS X libc dtoa Implementation Floating Point Parsing Memory Corruption

ExploitDB Exploits

id Description
26454 FreeBSD 9 Address Space Manipulation Privilege Escalation
26076 Cisco ASA < 8.4.4.6|8.2.5.32 Ethernet Information Leak
22131 Linux Kernel 2.0.x/2.2.x/2.4.x,FreeBSD 4.x Network Device Driver Frame Paddin...
16951 FreeBSD <= 6.4 Netgraph Local Privledge Escalation Exploit
12762 FreeBSD 8.0 ftpd off-by one PoC (FreeBSD-SA-10:05)
10380 Sunbird 0.9 Array Overrun (code execution) 0day
10187 Opera 10.01 Remote Array Overrun
10186 K-Meleon 1.5.3 Remote Array Overrun
10185 SeaMonkey 1.1.8 Remote Array Overrun
10184 KDE KDELibs 4.3.3 Remote Array Overrun
9082 FreeBSD 7.0/7.1 vfs.usermount Local Privilege Escalation Exploit
3555 Ethernet Device Drivers Frame Padding - Info Leakage Exploit (Etherleak)

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-12-18 Name : Fedora Update for xen FEDORA-2012-19828
File : nvt/gb_fedora_2012_19828_xen_fc16.nasl
2012-12-14 Name : Fedora Update for xen FEDORA-2012-19717
File : nvt/gb_fedora_2012_19717_xen_fc17.nasl
2012-12-13 Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen)
File : nvt/gb_suse_2012_0886_1.nasl
2012-11-26 Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD20.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18242
File : nvt/gb_fedora_2012_18242_xen_fc17.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18249
File : nvt/gb_fedora_2012_18249_xen_fc16.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17204
File : nvt/gb_fedora_2012_17204_xen_fc17.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17408
File : nvt/gb_fedora_2012_17408_xen_fc16.nasl
2012-10-03 Name : Gentoo Security Advisory GLSA 201209-24 (PostgreSQL)
File : nvt/glsa_201209_24.nasl
2012-09-26 Name : Gentoo Security Advisory GLSA 201209-03 (php)
File : nvt/glsa_201209_03.nasl
2012-09-25 Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13434
File : nvt/gb_fedora_2012_13434_xen_fc17.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13443
File : nvt/gb_fedora_2012_13443_xen_fc16.nasl
2012-09-10 Name : Slackware Advisory SSA:2011-133-01 apr/apr-util
File : nvt/esoft_slk_ssa_2011_133_01.nasl
2012-08-30 Name : Fedora Update for php FEDORA-2012-10936
File : nvt/gb_fedora_2012_10936_php_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11182
File : nvt/gb_fedora_2012_11182_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11755
File : nvt/gb_fedora_2012_11755_xen_fc17.nasl
2012-08-30 Name : Fedora Update for postgresql FEDORA-2012-12156
File : nvt/gb_fedora_2012_12156_postgresql_fc16.nasl
2012-08-30 Name : Fedora Update for postgresql FEDORA-2012-12165
File : nvt/gb_fedora_2012_12165_postgresql_fc17.nasl
2012-08-30 Name : Fedora Update for postgresql FEDORA-2012-8924
File : nvt/gb_fedora_2012_8924_postgresql_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-9386
File : nvt/gb_fedora_2012_9386_xen_fc17.nasl
2012-08-30 Name : Fedora Update for maniadrive FEDORA-2012-9490
File : nvt/gb_fedora_2012_9490_maniadrive_fc17.nasl
2012-08-30 Name : Fedora Update for php FEDORA-2012-9490
File : nvt/gb_fedora_2012_9490_php_fc17.nasl
2012-08-24 Name : Fedora Update for xen FEDORA-2012-11785
File : nvt/gb_fedora_2012_11785_xen_fc16.nasl
2012-08-10 Name : Debian Security Advisory DSA 2491-1 (postgresql-8.4)
File : nvt/deb_2491_1.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0222 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0061471
2013-A-0151 ISC BIND 9 Remote Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0039823
2012-A-0056 Multiple Vulnerabilities in VMWare ESX 4.0 and ESXi 4.0
Severity: Category I - VMSKEY: V0031979
2008-B-0070 Multiple Vendors IPv6 Neighbor Discovery Protocol Spoofing Vulnerability
Severity: Category II - VMSKEY: V0017557

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 record route rr denial of service attempt
RuleID : 8730 - Type : PROTOCOL-ICMP - Revision : 6
2014-01-10 vrfy decode
RuleID : 672-community - Type : SERVER-MAIL - Revision : 17
2014-01-10 vrfy decode
RuleID : 672 - Type : SERVER-MAIL - Revision : 17
2014-01-10 Sendmail expn decode
RuleID : 659-community - Type : SERVER-MAIL - Revision : 18
2014-01-10 Sendmail expn decode
RuleID : 659 - Type : SERVER-MAIL - Revision : 18
2014-01-10 RCPT TO overflow
RuleID : 654-community - Type : SERVER-MAIL - Revision : 28
2014-01-10 RCPT TO overflow
RuleID : 654 - Type : SERVER-MAIL - Revision : 28
2014-01-10 portmap pcnfsd request UDP
RuleID : 581-community - Type : PROTOCOL-RPC - Revision : 18
2014-01-10 portmap pcnfsd request UDP
RuleID : 581 - Type : PROTOCOL-RPC - Revision : 18
2014-01-10 portmap amountd request UDP
RuleID : 576-community - Type : PROTOCOL-RPC - Revision : 17
2014-01-10 portmap amountd request UDP
RuleID : 576 - Type : PROTOCOL-RPC - Revision : 17
2014-01-10 AMD Overflow
RuleID : 573 - Type : RPC - Revision : 9
2019-08-31 Apple DMG ffs_mountfs integer overflow exploit attempt
RuleID : 50853 - Type : FILE-OTHER - Revision : 1
2019-08-31 Apple DMG ffs_mountfs integer overflow exploit attempt
RuleID : 50852 - Type : FILE-OTHER - Revision : 1
2018-09-19 ntpq decode array buffer overflow attempt
RuleID : 47585 - Type : SERVER-OTHER - Revision : 4
2018-07-10 Microsoft Windows Interrupt Service Routine stack rollback attempt
RuleID : 46910 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows Interrupt Service Routine stack rollback attempt
RuleID : 46909 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows processor modification return to user-mode attempt
RuleID : 46908 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows processor modification return to user-mode attempt
RuleID : 46907 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows malicious CONTEXT structure creation attempt
RuleID : 46906 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows malicious CONTEXT structure creation attempt
RuleID : 46905 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows SYSTEM token stealing attempt
RuleID : 46904 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows SYSTEM token stealing attempt
RuleID : 46903 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-03 Microsoft Windows kernel privilege escalation attempt
RuleID : 46835 - Type : OS-WINDOWS - Revision : 1
2018-07-03 Microsoft Windows kernel privilege escalation attempt
RuleID : 46834 - Type : OS-WINDOWS - Revision : 1

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_183R1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-a7ac26523d.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-d3cb6f113c.nasl - Type: ACT_GATHER_INFO
2018-12-11 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_32498c8ffc8411e8be12a4badb2f4699.nasl - Type: ACT_GATHER_INFO
2018-11-30 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_sa-18-13_nfs.nasl - Type: ACT_GATHER_INFO
2018-11-27 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-2911.nasl - Type: ACT_GATHER_INFO
2018-11-21 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1378.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote Debian host is missing a security update.
File: debian_DLA-1573.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote Debian host is missing a security update.
File: debian_DLA-1577.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_791841a3d4844878890992ef9ce424f4.nasl - Type: ACT_GATHER_INFO
2018-11-09 Name: The remote AIX host is missing a security patch.
File: aix_IJ09618.nasl - Type: ACT_GATHER_INFO
2018-11-09 Name: The remote AIX host is missing a security patch.
File: aix_IJ09619.nasl - Type: ACT_GATHER_INFO
2018-11-09 Name: The remote AIX host is missing a security patch.
File: aix_IJ09620.nasl - Type: ACT_GATHER_INFO
2018-11-09 Name: The remote AIX host is missing a security patch.
File: aix_IJ09621.nasl - Type: ACT_GATHER_INFO
2018-11-09 Name: The remote AIX host is missing a security patch.
File: aix_IJ09622.nasl - Type: ACT_GATHER_INFO
2018-11-09 Name: The remote AIX host is missing a security patch.
File: aix_IJ09623.nasl - Type: ACT_GATHER_INFO
2018-11-09 Name: The remote AIX host is missing a security patch.
File: aix_IJ09624.nasl - Type: ACT_GATHER_INFO
2018-11-09 Name: The remote AIX host is missing a security patch.
File: aix_IJ09625.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote Debian host is missing a security update.
File: debian_DLA-1564.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL17403481.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL21344224.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1263.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1270.nasl - Type: ACT_GATHER_INFO
2018-09-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_a67c122ab69311e8ac58a4badb2f4699.nasl - Type: ACT_GATHER_INFO
2018-08-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_359e1548a65211e8805ba4badb2f4699.nasl - Type: ACT_GATHER_INFO