42 matches found
FreeBSD-SA-26:31.arm64
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:31.arm64 Security Advisory The FreeBSD Project Topic: Arm CPU errata may bypass page table permission changes Category: core Module: arm64 Announced:...
FreeBSD Security Advisory - FreeBSD-SA-26:35.openssl
FreeBSD Security Advisory - Multiple issues have been reported as part of this advisory with different issues affecting different OpenSSL versions and therefore different FreeBSD versions...
FreeBSD : Mozilla -- Incorrect boundary conditions in the WebRTC component (27c3930a-4307-11f1-a627-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 27c3930a-4307-11f1-a627-b42e991fc52e advisory. https://bugzilla.mozilla.org/showbug.cgi?id=2021768 reports: Incorrect boundary conditions in the WebRT...
FreeBSD : Mozilla -- Multiple vulnerabilities (15f4e0f6-1338-11f1-a55d-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 15f4e0f6-1338-11f1-a55d-b42e991fc52e advisory. CVE-2026-2809: Memory safety bug in the JavaScript: WebAssembly component. CVE-2026-2808:...
CVE-2005-1399
FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions for the /dev/iir device, which allows local users to execute restricted ioctl calls to read or modify data on hardware that is controlled by the iir driver...
CVE-2020-7457
In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-STABLE before r362975, 11.4-RELEASE before p1, and 11.3-RELEASE before p11, missing synchronization in the IPV62292PKTOPTIONS socket option set handler contained a race condition allowing a malicious application to modify memory...
FreeBSD : Firefox -- Sandbox escape (f3550d26-ab7d-11f0-b961-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f3550d26-ab7d-11f0-b961-b42e991fc52e advisory. [email protected] reports: Sandbox excape due to integer overflow in the Graphics: Canvas2D componen...
EUVD-2016-2982
Malware in sbrugna...
EUVD-2014-3886
Malware in sbrugna...
EUVD-2003-1220
Malware in sbrugna...
EUVD-2004-0434
Malware in sbrugna...
EUVD-2020-18257
Malware in sbrugna...
CVE-2020-25582
In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12.2-RELEASE before p4 and 11.4-RELEASE before p8 when a process, such as jexec8 or killall1, calls jailattach2 to enter a jail, the jailed root can attach to it using ptrace2 before the current working directory is changed...
CVE-2005-2068
FreeBSD 4.x through 4.11 and 5.x through 5.4 allows remote attackers to modify certain TCP options via a TCP packet with the SYN flag set for an already established session...
FreeBSD : git -- multiple vulnerabilities (3445e4b6-d2b8-11ef-9ff3-43c2b5d6c4c8)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3445e4b6-d2b8-11ef-9ff3-43c2b5d6c4c8 advisory. Git development team reports: CVE-2024-50349: Printing unsanitized URLs when asking for...
UBUNTU-CVE-2021-29629
In FreeBSD 13.0-STABLE before n245765-bec0d2c9c841, 12.2-STABLE before r369859, 11.4-STABLE before r369866, 13.0-RELEASE before p1, 12.2-RELEASE before p7, and 11.4-RELEASE before p10, missing message validation in libradius3 could allow malicious clients or servers to trigger denial of service i...
FreeBSD-SA-21:10.jail_mount
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-21:10.jailmount Security Advisory The FreeBSD Project Topic: jail escape possible by mounting over jail root Category: core Module: jail Announced: 2021-04-06...
CVE-2020-7468
In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd8 bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the...
CVE-2018-6921
In FreeBSD before 11.1-STABLEr332066 and 11.1-RELEASE-p10, due to insufficient initialization of memory copied to userland in the network subsystem, small amounts of kernel memory may be disclosed to userland processes. Unprivileged authenticated local users may be able to access small amounts of...
CVE-2015-1416
Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file...