36 matches found
FreeBSD : rclone -- Unauthenticated command execution in `rclone rcd --rc-serve` via inline remote instantiation (0f3342e3-73ba-11f1-910d-3c7c3fba4204)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 0f3342e3-73ba-11f1-910d-3c7c3fba4204 advisory. https://github.com/rclone/rclone/security/advisories/GHSA-qw24-gh76-8rvv reports: Rclone is a...
FreeBSD : nginx -- multiple vulnerabilities (46b654f8-6b28-11f1-b8e5-3497f65b111b)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 46b654f8-6b28-11f1-b8e5-3497f65b111b advisory. The nginx developers report: A heap memory buffer overflow vulnerability when using the...
FreeBSD-SA-26:29.ip6_multicast
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:29.ip6multicast Security Advisory The FreeBSD Project Topic: Use-after-free bug in the IPV6MSFILTER socket option handler Category: core Module: ip6multicast...
FreeBSD Security Advisory - FreeBSD-SA-26:31.arm64
FreeBSD Security Advisory - Some Arm CPUs have errata where the ordering of stores and the TLBI+DSB sequence may be incorrect. If one CPU stores to a virtual address while another CPU invalidates the translation for that address, the second CPU's TLBI+DSB may complete before the first CPU's store...
CVE-2026-4748
creationtimestamp| type| source ---|---|--- 2026-03-27 13:50:17+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/freebsd-security-advisory-av26-291 2026-04-01 08:40:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3migc73qfpe2i 2026-04-01 16:30:00+00:00| seen|...
FreeBSD Security Advisory - FreeBSD-SA-26:07.nvmf
FreeBSD Security Advisory - On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID...
CVE-2025-15576
creationtimestamp| type| source ---|---|--- 2026-02-27 16:51:02+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/freebsd-security-advisory-av26-179 2026-02-28 16:20:03+00:00| seen| https://bsky.app/profile/thedailytechfeed.com/post/3mfwmwwxhm22q...
FreeBSD : mail/mailpit -- Cross-Site WebSocket Hijacking (d822839e-ee4f-11f0-b53e-0897988a1c07)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d822839e-ee4f-11f0-b53e-0897988a1c07 advisory. Mailpit author reports: The Mailpit WebSocket server is configured to accept connections from any origi...
FreeBSD : Forgejo -- Symbolic Link (Symlink) Following (963f4e9d-e4d5-11f0-984f-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 963f4e9d-e4d5-11f0-984f-b42e991fc52e advisory. https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/13.0.2.md reports:...
FreeBSD-SA-25:12.rtsold
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-25:12.rtsold Security Advisory The FreeBSD Project Topic: Remote code execution via ND6 Router Advertisements Category: core Module: rtsold Announced: 2025-12-1...
FreeBSD Security Advisory - FreeBSD-SA-25:12.rtsold
FreeBSD Security Advisory - The rtsol8 and rtsold8 programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf8 unmodified. resolvconf8 is a shell script which does not validate its input. A lack of quoting meant that...
FreeBSD Security Advisory - FreeBSD-SA-25:10.unbound
FreeBSD Security Advisory - Promiscuous NS RRSets that complement DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are used to update the resolver's knowledge of the zone's name servers. If a malicious...
FreeBSD : unbound -- Possible domain hijacking via promiscuous records in the authority section (ea1c485f-b025-11f0-bce7-bc2411002f50)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ea1c485f-b025-11f0-bce7-bc2411002f50 advisory. [email protected] reports: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possib...
EUVD-2016-7480
Malware in sbrugna...
FreeBSD : dnsdist -- Denial of service via crafted DoH exchange (c2253bff-9952-11f0-b6e2-6805ca2fa271)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c2253bff-9952-11f0-b6e2-6805ca2fa271 advisory. [email protected] reports: In some circumstances, when DNSdist is configured to use the nghttp2...
FreeBSD : Mozilla -- memory safety bugs (07335fb9-7eb1-11f0-ba14-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 07335fb9-7eb1-11f0-ba14-b42e991fc52e advisory. [email protected] reports: Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of...
FreeBSD : p5-Authen-SASL -- Insecure source of randomness (defe9a20-781e-11f0-97c4-40b034429ecf)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the defe9a20-781e-11f0-97c4-40b034429ecf advisory. p5-Authen-SASL project reports: Authen::SASL::Perl::DIGESTMD5 versions 2.04 through 2.1800 for Perl...
PlayStation: Use-after-free in setsockopt IPV6_2292PKTOPTIONS (CVE-2020-7457)
The PS5 is vulnerable to https://hackerone.com/reports/826026 which easily grants kernel access to an attacker. This vulnerability had been reported by me for the PS4 2 years ago when the PS5 did not yet exist, thus this should be considered as a new report and not a duplicate. I was able to use...
Slackware: Security Advisory (SSA:2006-257-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD Ports: ImageMagick, ImageMagick-nox11
The remote host is missing an update to the system as announced in the referenced advisory. VID b6cad7f3-fb59-11d8-9837-000c41e2cdad OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...