15872 matches found
FreeBSD -- Integer overflow in vt(4) CONS_HISTORY ioctl
Problem Description: The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the end of...
FreeBSD -- Multiple vulnerabilities in OpenSSL
Problem Description: Multiple issues have been reported as part of this advisory with different issues affecting different OpenSSL versions and therefore different FreeBSD versions. Instead of exhaustively listing detailed writeups for each issue, please see the referenced advisory from OpenSSL...
FreeBSD : Weechat -- Multiple vulnerabilities (d31259c0-624d-11f1-8607-8447094a420f)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d31259c0-624d-11f1-8607-8447094a420f advisory. The Weechat project reports: See links for detail. Tenable has extracted the preceding description bloc...
FreeBSD : Weechat -- Multiple vulnerabilities (df803002-624e-11f1-8607-8447094a420f)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the df803002-624e-11f1-8607-8447094a420f advisory. The Weechat project reports: See links for detail. Tenable has extracted the preceding description bloc...
FreeBSD : Apache httpd -- DoS exploit in HTTP/2 (0d6d9d9b-5feb-11f1-8607-8447094a420f)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 0d6d9d9b-5feb-11f1-8607-8447094a420f advisory. Calif security reports: Remote DoS in modhttp2 Tenable has extracted the preceding description block...
FreeBSD : xorg-server -- Multiple vulnerabilities (592ced15-5e20-11f1-86a2-589cfc10a551)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 592ced15-5e20-11f1-86a2-589cfc10a551 advisory. X.Org project reports: Multiple issues have been found in the X server and Xwayland...
FreeBSD : xwayland -- Multiple vulnerabilities (36cb0ced-5e23-11f1-86a2-589cfc10a551)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 36cb0ced-5e23-11f1-86a2-589cfc10a551 advisory. X.Org project reports: Multiple issues have been found in the X server and Xwayland...
FreeBSD : chromium -- security fixes (e725f5d5-5c24-11f1-b189-a8a1599412c6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e725f5d5-5c24-11f1-b189-a8a1599412c6 advisory. Chrome Releases reports: This update includes 151 security fixes: Tenable has extracted the...
CVE-2026-45158
OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, unsanitized user input is passed to the DHCP configuration of the configured interface, which is processed by a shell script, allowing remote code execution as root on the underlying operating system. This vulnerability i...
FreeBSD : MariaDB -- Multiple vulnerabilities (2eb8a9ab-5b5d-11f1-8607-8447094a420f)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 2eb8a9ab-5b5d-11f1-8607-8447094a420f advisory. The MariaDB project reports: Multiple vulnerabilities in MariaDB Cluster Galera Tenable has...
FreeBSD : www/gohugo -- CWE-79: XSS vulnerabilities (20d59b47-5ba3-11f1-bf1b-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 20d59b47-5ba3-11f1-bf1b-b42e991fc52e advisory. https://go.dev/issue/78913 reports: CVE-2026-27142 fixed a vulnerability in which URLs were no...
FreeBSD : mail/mailpit -- memory-exhaustion DoS via unbounded JSON body (7ae38fde-5ab6-11f1-a242-10ffe07f9334)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7ae38fde-5ab6-11f1-a242-10ffe07f9334 advisory. Mailpit author reports: Sibling-endpoint memory-exhaustion DoS via unbounded JSON body on...
FreeBSD : Erlang/OTP -- OCSP responder certificate accepted after expiry in public_key (9357d6fb-5a54-11f1-b886-4c526214c986)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9357d6fb-5a54-11f1-b886-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-cjxj-wj6x-3fff reports: Erlang/OTP's publickey...
FreeBSD : Erlang/OTP -- TLS hostname verification bypass via Subject CommonName fallback and name constraints (93576148-5a54-11f1-b886-4c526214c986)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 93576148-5a54-11f1-b886-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-22cw-4ph4-6447 reports: Erlang/OTP's TLS hostnam...
FreeBSD : OpenEXR -- 3.4.12 fixes multiple vulnerabilities (ca91c020-5820-11f1-b38d-9be2e6022e28)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ca91c020-5820-11f1-b38d-9be2e6022e28 advisory. Cary Phillips reports: The OpenEXR 3.4.12 release addresses the following security...
FreeBSD : Erlang/OTP -- public_key accepts non-CA certificate as intermediate issuer (9357a450-5a54-11f1-b886-4c526214c986)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9357a450-5a54-11f1-b886-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-c99q-jmpx-v8qq reports: Erlang/OTP's publickey...
FreeBSD : Grafana -- Grafana Testdata datasource can issue unbounded memory allocations (62717c0f-5901-11f1-b525-3c7c3fba4204)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 62717c0f-5901-11f1-b525-3c7c3fba4204 advisory. https://grafana.com/security/security-advisories/cve-2026-28375 reports: A testdata data-source can be...
FreeBSD : Grafana -- OpenFeature evaluation API reads input data with no bounds (138319f3-5901-11f1-b525-3c7c3fba4204)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 138319f3-5901-11f1-b525-3c7c3fba4204 advisory. https://grafana.com/security/security-advisories/cve-2026-27880 reports: The OpenFeature feature toggle...
FreeBSD : Grafana -- Public Dashboards time range restriction on annotations can be bypassed (83cd53f7-58ff-11f1-b525-3c7c3fba4204)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 83cd53f7-58ff-11f1-b525-3c7c3fba4204 advisory. https://grafana.com/security/security-advisories/cve-2026-21722 reports: Public dashboards with...
FreeBSD : Grafana -- Query resampling can cause unbounded memory allocations (c079e809-5900-11f1-b525-3c7c3fba4204)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c079e809-5900-11f1-b525-3c7c3fba4204 advisory. https://grafana.com/security/security-advisories/cve-2026-27879 reports: A resample query can be used t...