Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-10103

Malware in sbrugna...

7.8CVSS7.5AI score0.00415EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2012-4504

Malware in sbrugna...

2.1CVSS6.4AI score0.00181EPSS
Exploits0References3
Prion
Prion
added 2019/04/10 8:29 p.m.21 views

Information disclosure

On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance IRI. External packets destined to port 111 should be dropped. Due to an information leak vulnerability, responses were being generated from the source address of the management interface e.g. fxp0 thus...

6.4CVSS8.5AI score0.01922EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/10/10 6:0 p.m.22 views

CVE-2018-0052 Junos OS: Unauthenticated remote root access possible when RSH service is enabled

If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device. RSH service is disabled by default on Junos. There is no documented CLI command to enable this service. However, an undocumented CLI command...

7.2CVSS8.2AI score0.0485EPSS
Exploits0References2
NVD
NVD
added 2017/11/16 8:29 p.m.11 views

CVE-2017-1087

In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user th...

7.8CVSS7.4AI score0.00415EPSS
Exploits0References3
Prion
Prion
added 2017/11/16 8:29 p.m.16 views

Privilege escalation

In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. As a result, a malicious user th...

4.6CVSS7.3AI score0.00415EPSS
Exploits0References3
NVD
NVD
added 2015/04/10 3:0 p.m.26 views

CVE-2015-1415

The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile /boot/encryption.key, which allows local users to obtain sensitive key information by reading the file...

2.1CVSS5.7AI score0.0035EPSS
Exploits2References4
securityvulns
securityvulns
added 2015/04/08 12:0 a.m.57 views

FreeBSD 10.x ZFS encryption.key disclosure (CVE-2015-1415)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory Information Title: FreeBSD 10.x ZFS encryption.key disclosure CVE-2015-1415 Advisory URL: https://pierrekim.github.io/advisories/CVE-2015-1415.txt.asc Date published: 2015-04-07 Vendors contacted: FreeBSD Release mode: Coordinated release...

2.1CVSS5.8AI score0.0035EPSS
Exploits2
securityvulns
securityvulns
added 2013/11/26 12:0 a.m.39 views

XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug

XADV-2013005 FreeBSD 10 = nand Driver IOCTL Kernel Memory Leak Bug 1. Overview The nand driver in freebsd = 10 has a vulnerability to leak arbitrary kernel memory to the userspace. It's occured at nandioctl kernel function and because no proper initialize the allocated kernel memory. It's the...

0.4AI score
Exploits0
NVD
NVD
added 2013/11/21 4:40 a.m.21 views

CVE-2013-6832

The nandioctl function in sys/dev/nand/nandgeom.c in the nand driver in the kernel in FreeBSD 10 and earlier does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call...

4.9CVSS5.5AI score0.00427EPSS
Exploits1References1
Prion
Prion
added 2013/11/21 4:40 a.m.18 views

Design/Logic Flaw

The qlseioctl function in sys/dev/qlxge/qlsioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call...

4.9CVSS6.1AI score0.0044EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2013/11/21 4:40 a.m.19 views

Design/Logic Flaw

The nandioctl function in sys/dev/nand/nandgeom.c in the nand driver in the kernel in FreeBSD 10 and earlier does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call...

4.9CVSS6AI score0.00427EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2013/11/21 2:0 a.m.21 views

CVE-2013-6833

The qlseioctl function in sys/dev/qlxge/qlsioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call...

5.5AI score0.0044EPSS
Exploits1References1
0day.today
0day.today
added 2013/11/17 12:0 a.m.29 views

FreeBSD 10 nand Driver IOCTL Kernel Memory Leak Bug

The nand driver in FreeBSD versions 10 and below has a vulnerability that leaks arbitrary kernel memory to the userspace. XADV-2013005 FreeBSD 10 site: http://www.x90c.org References: 1 http://www.unix.com/man-page/freebsd/9/malloc/ 2...

6.9AI score
Exploits0
0day.today
0day.today
added 2013/11/17 12:0 a.m.29 views

FreeBSD 10 qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak

The qlxge/qlxgbe driver in FreeBSD versions 10 and below has vulnerabilities that leak arbitrary kernel memory to the userspace. XADV-2013006 FreeBSD site: http://www.x90c.org References: 1 http://fxr.watson.org/fxr/source/dev/qlxge/README.txt?v=FREEBSD10 2...

7.1AI score
Exploits0
NVD
NVD
added 2012/08/21 7:55 p.m.17 views

CVE-2012-4578

The geli encryption provider 7 before r239184 on FreeBSD 10 uses a weak Master Key, which makes it easier for local users to defeat a cryptographic protection mechanism via a brute-force attack...

2.1CVSS6.2AI score0.00181EPSS
Exploits0References2
Prion
Prion
added 2012/08/21 7:55 p.m.14 views

Design/Logic Flaw

The geli encryption provider 7 before r239184 on FreeBSD 10 uses a weak Master Key, which makes it easier for local users to defeat a cryptographic protection mechanism via a brute-force attack...

2.1CVSS6.7AI score0.00181EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2012/08/21 7:0 p.m.46 views

CVE-2012-4578

The CVE-2012-4578 entry describes a vulnerability in the geli encryption provider 7 before r239184 on FreeBSD 10 where a weak Master Key is used. This weakness could allow a local attacker to defeat the cryptographic protection via brute-forcing. Documents identify the affected component as geli ...

2.1CVSS6.5AI score0.00181EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2012/08/21 7:0 p.m.21 views

CVE-2012-4578

The geli encryption provider 7 before r239184 on FreeBSD 10 uses a weak Master Key, which makes it easier for local users to defeat a cryptographic protection mechanism via a brute-force attack...

6.2AI score0.00181EPSS
Exploits0References2
securityvulns
securityvulns
added 2010/11/15 12:0 a.m.64 views

FreeBSD Security Advisory FreeBSD-SA-10:09.pseudofs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-10:09.pseudofs Security Advisory The FreeBSD Project Topic: Spurious mutex unlock Category: core Module: pseudofs Announced: 2010-11-10 Credits: Przemyslaw Frasun...

7.2CVSS7.7AI score0.01133EPSS
Exploits2
Rows per page
Query Builder