Approved changes feed: RSS · Atom
cpe:2.3:o:freebsd:freebsd:11.0:*:*:*:*:*:*:*
part: o version: 11.0 update: *
| Vendor | Freebsd (1e86ea60-a74f-5f45-ac35-3eb819c9e064) |
|---|---|
| Product | Freebsd (be9b20ed-2a20-5a94-a224-b1a6fdcacb17) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-6923 |
vulnerable | 2026-06-08 05:11:54.461714 |
Details available
In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip fragment reassembly code is vulnerable to a denial of service due to excessive system resource consumption. This issue can allow a remote attacker who is able to send an arbitrary ip fragments to cause the machine to consume excessive resources.
Published: 2018-09-04T18:00:00.000Z
Updated: 2024-09-16T23:16:08.596Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-3665 |
vulnerable | 2026-06-08 05:11:40.813791 |
Details available
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
Published: 2018-06-21T20:00:00.000Z
Updated: 2024-09-17T01:01:36.405Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-9042 |
vulnerable | 2026-06-08 05:08:22.455947 |
Details available
LOW (3.7)
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.
Published: 2018-06-04T20:00:00.000Z
Updated: 2024-09-17T03:53:51.612Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-6559 |
vulnerable | 2026-06-08 05:08:02.769302 |
The BSD libc library's link_ntoa() function may be vulnerable to a classic buffer overflow
Improper bounds checking of the obuf variable in the link_ntoa() function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depends on the method of exploit and how the library is used by applications. According to analysis by FreeBSD developers, it is very unlikely that applications exist that utilize link_ntoa() in an exploitable manner, and the CERT/CC is not aware of any proof of concept. A blog post describes the functionality of link_ntoa() and points out that none of the base utilities use this function in an exploitable manner. For more information, please see FreeBSD Security Advisory SA-16:37.
Published: 2018-07-13T20:00:00.000Z
Updated: 2024-08-06T01:36:29.410Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-1889 |
vulnerable | 2026-06-08 05:07:32.166796 |
Details available
Integer overflow in the bhyve hypervisor in FreeBSD 10.1, 10.2, 10.3, and 11.0 when configured with a large amount of guest memory, allows local users to gain privilege via a crafted device descriptor.
Published: 2017-02-15T15:00:00.000Z
Updated: 2024-08-05T23:10:39.893Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-1888 |
vulnerable | 2026-06-08 05:07:32.166303 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.