GCVE - cpe:2.3:o:freebsd:freebsd:14.1:-:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:freebsd:freebsd:14.1:-:*:*:*:*:*:*

part: o version: 14.1 update: -

Vendor	Freebsd (`1e86ea60-a74f-5f45-ac35-3eb819c9e064`)
Product	Freebsd (`be9b20ed-2a20-5a94-a224-b1a6fdcacb17`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/freebsd/freebsd-src`	purl2cpe	2026-06-01 10:12:45.194214

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-8178`	vulnerable	2026-06-08 07:00:22.947745	Multiple issues in ctl(4) CAM Target Layer The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. Published: 2024-09-05T04:31:12.231Z Updated: 2025-11-04T16:15:56.298Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-24:11.ctl.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-6387`	vulnerable	2026-06-08 06:58:19.240628	Openssh: regresshion - race condition in ssh allows rce/dos HIGH (8.1) A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. Published: 2024-07-01T12:37:25.431Z Updated: 2026-05-12T11:39:26.672Z Open on db.gcve.eu Reference links https://access.redhat.com/errata/RHSA-2024:4312 https://access.redhat.com/errata/RHSA-2024:4340 https://access.redhat.com/errata/RHSA-2024:4389 https://access.redhat.com/errata/RHSA-2024:4469 https://access.redhat.com/errata/RHSA-2024:4474	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-45287`	vulnerable	2026-06-08 06:45:55.822313	Multiple vulnerabilities in libnv A malicious value of size in a structure of packed libnv can cause an integer overflow, leading to the allocation of a smaller buffer than required for the parsed data. Published: 2024-09-05T03:18:16.076Z Updated: 2024-09-26T15:03:11.171Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-24:09.libnv.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-45063`	vulnerable	2026-06-08 06:45:54.485988	Multiple issues in ctl(4) CAM Target Layer The function ctl_write_buffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. Published: 2024-09-05T04:31:22.649Z Updated: 2025-11-04T16:15:46.470Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-24:11.ctl.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-43110`	vulnerable	2026-06-08 06:45:49.592449	Multiple issues in ctl(4) CAM Target Layer The ctl_request_sense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. Published: 2024-09-05T04:31:19.166Z Updated: 2025-11-04T16:13:45.604Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-24:11.ctl.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-43102`	vulnerable	2026-06-08 06:45:49.579823	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-42416`	vulnerable	2026-06-08 06:43:56.670684	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-32668`	vulnerable	2026-06-08 06:37:23.580850	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.