GCVE - cpe:2.3:o:freebsd:freebsd:0.4_1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:freebsd:freebsd:0.4_1:*:*:*:*:*:*:*

part: o version: 0.4_1 update: *

Vendor	Freebsd (`1e86ea60-a74f-5f45-ac35-3eb819c9e064`)
Product	Freebsd (`be9b20ed-2a20-5a94-a224-b1a6fdcacb17`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/freebsd/freebsd-src`	purl2cpe	2026-06-01 10:12:45.130509

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-6834`	vulnerable	2026-06-08 05:05:07.107845	Details available The ql_eioctl function in sys/dev/qlxgbe/ql_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. Published: 2013-11-21T02:00:00.000Z Updated: 2024-08-06T17:46:23.887Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0107.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-6833`	vulnerable	2026-06-08 05:05:07.105649	Details available The qls_eioctl function in sys/dev/qlxge/qls_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. Published: 2013-11-21T02:00:00.000Z Updated: 2024-08-06T17:46:23.761Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0107.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-6832`	vulnerable	2026-06-08 05:05:07.061648	Details available The nand_ioctl function in sys/dev/nand/nand_geom.c in the nand driver in the kernel in FreeBSD 10 and earlier does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. Published: 2013-11-21T02:00:00.000Z Updated: 2024-08-06T17:46:23.757Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0106.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-4609`	vulnerable	2026-06-08 04:50:46.958136	Details available The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. Published: 2008-10-20T17:00:00.000Z Updated: 2024-08-07T10:24:20.677Z Open on db.gcve.eu Reference links http://blog.robertlee.name/2008/10/conjecture-speculation.html https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html http://marc.info/?l=bugtraq&m=125856010926699&w=2 http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html http://insecure.org/stf/tcp-dos-attack-explained.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.