| Bug | Description |
|---|
| TEMP-0000000-01E656 | Possible SQL injection in freeradius |
| CVE-2019-17185 | In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global Op ... |
| CVE-2019-13456 | In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd h ... |
| CVE-2019-11235 | FreeRADIUS before 3.0.19 mishandles the "each participant verifies tha ... |
| CVE-2019-11234 | FreeRADIUS before 3.0.19 does not prevent use of reflection for authen ... |
| CVE-2017-10987 | An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buff ... |
| CVE-2017-10986 | An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infi ... |
| CVE-2017-10985 | An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite lo ... |
| CVE-2017-10984 | An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overf ... |
| CVE-2017-10983 | An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0. ... |
| CVE-2017-10982 | An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buff ... |
| CVE-2017-10981 | An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memo ... |
| CVE-2017-10980 | An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memo ... |
| CVE-2017-10979 | An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overf ... |
| CVE-2017-10978 | An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0. ... |
| CVE-2017-9148 | The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before ... |
| CVE-2015-8764 | Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 ... |
| CVE-2015-8763 | The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attac ... |
| CVE-2015-8762 | The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attac ... |
| CVE-2015-4680 | FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly ... |
| CVE-2014-2015 | Stack-based buffer overflow in the normify function in the rlm_pap mod ... |
| CVE-2012-3547 | Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS ... |
| CVE-2011-4966 | modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode ... |
| CVE-2011-2701 | The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when OC ... |
| CVE-2010-3697 | The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x ... |
| CVE-2010-3696 | The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in cert ... |
| CVE-2010-0524 | The default configuration of the FreeRADIUS server in Apple Mac OS X S ... |
| CVE-2009-3111 | The rad_decode function in FreeRADIUS before 1.1.8 allows remote attac ... |
| CVE-2008-4474 | freeradius-dialupadmin in freeradius 2.0.4 allows local users to overw ... |
| CVE-2007-2028 | Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to ... |
| CVE-2007-0080 | Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 ... |
| CVE-2006-1354 | Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remot ... |
| CVE-2005-4746 | Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote a ... |
| CVE-2005-4745 | SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS ... |
| CVE-2005-4744 | Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRA ... |
| CVE-2005-1455 | Buffer overflow in the sql_escape_func function in the SQL module for ... |
| CVE-2005-1454 | SQL injection vulnerability in the radius_xlat function in the SQL mod ... |
| CVE-2004-0961 | Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to caus ... |
| CVE-2004-0960 | FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of s ... |
| CVE-2004-0938 | FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of s ... |
| CVE-2003-0968 | Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experim ... |
| CVE-2003-0967 | rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to ... |