Filtered by vendor Freeradius
Subscriptions
Total
49 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1354 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2026-04-16 | N/A |
| Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module. | ||||
| CVE-2005-1454 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2026-04-16 | N/A |
| SQL injection vulnerability in the radius_xlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) group_membership_query, (2) simul_count_query, or (3) simul_verify_query configuration entries. | ||||
| CVE-2001-1377 | 12 Freeradius, Gnu, Icradius and 9 more | 12 Freeradius, Radius, Icradius and 9 more | 2026-04-16 | N/A |
| Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2. | ||||
| CVE-2005-1455 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash). | ||||
| CVE-2004-0938 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2026-04-16 | N/A |
| FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet. | ||||
| CVE-2004-0960 | 2 Freeradius, Redhat | 3 Freeradius, Enterprise Linux, Fedora Core | 2026-04-16 | N/A |
| FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument. | ||||
| CVE-2005-4745 | 1 Freeradius | 1 Freeradius | 2026-04-16 | N/A |
| SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | ||||
| CVE-2001-1376 | 13 Ascend, Freeradius, Gnu and 10 more | 13 Radius, Freeradius, Radius and 10 more | 2026-04-16 | N/A |
| Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data. | ||||
| CVE-2002-0318 | 1 Freeradius | 1 Freeradius | 2026-04-16 | N/A |
| FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets. | ||||
| CVE-2005-4744 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2026-04-16 | N/A |
| Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the external database query to fail. NOTE: this single issue is part of a larger-scale disclosure, originally by SUSE, which reported multiple issues that were disputed by FreeRADIUS. Disputed issues included file descriptor leaks, memory disclosure, LDAP injection, and other issues. Without additional information, the most recent FreeRADIUS report is being regarded as the authoritative source for this CVE identifier. | ||||
| CVE-2005-4746 | 1 Freeradius | 1 Freeradius | 2026-04-16 | N/A |
| Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote attackers to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors "while expanding %t". | ||||
| CVE-2003-0968 | 1 Freeradius | 1 Freeradius | 2026-04-16 | N/A |
| Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute. | ||||
| CVE-2003-0967 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2026-04-16 | N/A |
| rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute. | ||||
| CVE-2004-0961 | 2 Freeradius, Redhat | 3 Freeradius, Enterprise Linux, Fedora Core | 2026-04-16 | N/A |
| Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes. | ||||
| CVE-2024-3596 | 5 Broadcom, Freeradius, Ietf and 2 more | 12 Brocade Sannav, Fabric Operating System, Freeradius and 9 more | 2025-11-04 | 9 Critical |
| RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. | ||||
| CVE-2022-41861 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2025-11-03 | 6.5 Medium |
| A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash. | ||||
| CVE-2022-41860 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2025-11-03 | 7.5 High |
| In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash. | ||||
| CVE-2022-41859 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2025-11-03 | 7.5 High |
| In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack. | ||||
| CVE-2017-9148 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2025-04-20 | N/A |
| The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS. | ||||
| CVE-2017-10981 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2025-04-20 | N/A |
| An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service. | ||||