GCVE - cpe:2.3:o:freebsd:freebsd:6.3:-:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:freebsd:freebsd:6.3:-:*:*:*:*:*:*

part: o version: 6.3 update: -

Vendor	Freebsd (`1e86ea60-a74f-5f45-ac35-3eb819c9e064`)
Product	Freebsd (`be9b20ed-2a20-5a94-a224-b1a6fdcacb17`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/freebsd/freebsd-src`	purl2cpe	2026-06-01 10:12:45.354760

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-5736`	vulnerable	2026-06-08 04:50:52.918798	Details available Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors related to function pointers that are "not properly initialized" for (1) netgraph sockets and (2) bluetooth sockets. Published: 2008-12-26T18:00:00.000Z Updated: 2024-08-07T11:04:44.543Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/7581 http://securityreason.com/securityalert/8124 https://exchange.xforce.ibmcloud.com/vulnerabilities/47570 http://www.exploit-db.com/exploits/16951 http://security.freebsd.org/advisories/FreeBSD-SA-08:13.protosw.asc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-5162`	vulnerable	2026-06-08 04:50:49.913865	Details available The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy source for a short time period immediately after boot, which makes it easier for attackers to predict the function's return values and conduct certain attacks against the GEOM framework and various network protocols, related to the Yarrow random number generator. Published: 2008-11-26T23:00:00.000Z Updated: 2024-08-07T10:40:17.200Z Open on db.gcve.eu Reference links http://secunia.com/advisories/32871 http://security.freebsd.org/advisories/FreeBSD-SA-08:11.arc4random.asc http://securitytracker.com/id?1021276 http://osvdb.org/50137 http://www.securityfocus.com/bid/32447	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-0122`	not_vulnerable	2026-06-08 04:50:10.302142	Details available Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption. Published: 2008-01-16T01:00:00.000Z Updated: 2024-08-07T07:32:24.383Z Open on db.gcve.eu Reference links http://secunia.com/advisories/28579 https://bugzilla.redhat.com/show_bug.cgi?id=429149 http://www.redhat.com/support/errata/RHSA-2008-0300.html http://www.securityfocus.com/bid/27283 http://secunia.com/advisories/30538	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.