Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
added 2016/09/30 12:0 a.m.20 views

kde-runtime -- kdesu: displayed command truncated by unicode string terminator

Albert Aastals Cid reports: A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user...

4.9CVSS1.7AI score0.01661EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2016/07/26 12:0 a.m.20 views

codeigniter -- multiple vulnerabilities

The CodeIgniter changelog reports: Fixed an SQL injection in the ‘odbc’ database driver. Updated setrealpath Path Helper function to filter-out php:// wrapper inputs...

1.1AI score
Exploits0References1
FreeBSD
FreeBSD
added 2016/06/23 12:0 a.m.20 views

icingaweb2 -- remote code execution

Eric Lippmann reports: Possibility of remote code execution via the remote command transport...

4AI score
Exploits0References1
FreeBSD
FreeBSD
added 2016/05/17 12:0 a.m.20 views

FreeBSD -- Incorrect argument handling in sendmsg(2)

Problem Description: Incorrect argument handling in the socket code allows malicious local user to overwrite large portion of the kernel memory. Impact: Malicious local user may crash kernel or execute arbitrary code in the kernel, potentially gaining superuser privileges...

7.8CVSS3.1AI score0.01111EPSS
Exploits2
FreeBSD
FreeBSD
added 2016/03/03 12:0 a.m.20 views

php5 -- multiple vulnerabilities

The PHP Group reports: Phar: Fixed bug 71498 Out-of-Bound Read in pharparsezipfile. WDDX: Fixed bug 71587 Use-After-Free / Double-Free in WDDX Deserialize...

1.9AI score
Exploits0References2
FreeBSD
FreeBSD
added 2016/01/13 12:0 a.m.21 views

go -- information disclosure vulnerability

Jason Buberel reports: A security-related issue has been reported in Go's math/big package. The issue was introduced in Go 1.5. We recommend that all users upgrade to Go 1.5.3, which fixes the issue. Go programs must be recompiled with Go 1.5.3 in order to receive the fix. The Go team would like ...

7.5CVSS7.3AI score0.02627EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2015/07/20 12:0 a.m.20 views

gnutls -- double free in certificate DN decoding

gnutls.org reports: Kurt Roeckx reported that decoding a specific certificate with very long DistinguishedName DN entries leads to double free, which may result to a denial of service. Since the DN decoding occurs in almost all applications using certificates it is recommended to upgrade the late...

5CVSS7.3AI score0.1903EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2015/04/08 12:0 a.m.20 views

arj -- multiple vulnerabilities

Several vulnerabilities: symlink directory traversal, absolute path directory traversal and buffer overflow were discovered in the arj archiver...

7.5CVSS7AI score0.05889EPSS
Exploits2
FreeBSD
FreeBSD
added 2014/06/24 12:0 a.m.20 views

FreeBSD -- iconv(3) NULL pointer dereference and out-of-bounds array access

Problem Description: A NULL pointer dereference in the initialization code of the HZ module and an out of bounds array access in the initialization code of the VIQR module make iconvopen3 calls involving HZ or VIQR result in an application crash. Impact: Services where an attacker can control the...

5CVSS6.5AI score0.01752EPSS
Exploits0
FreeBSD
FreeBSD
added 2014/04/15 12:0 a.m.20 views

pivotx -- Multiple unrestricted file upload vulnerabilities

Pivotx reports: Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a 1 .php or 2 .php extension, and then accessing it via unspecified vectors...

3.5CVSS6.9AI score0.01909EPSS
Exploits2
FreeBSD
FreeBSD
added 2013/10/05 12:0 a.m.20 views

gnupg -- possible infinite recursion in the compressed packet parser

Werner Koch reports: Special crafted input data may be used to cause a denial of service against GPG GnuPG's OpenPGP part and some other OpenPGP implementations. All systems using GPG to process incoming data are affected...

5CVSS7.4AI score0.0503EPSS
Exploits0
FreeBSD
FreeBSD
added 2013/09/23 12:0 a.m.20 views

py-suds -- vulnerable to symlink attacks

SUSE reports: cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/...

1.2CVSS6.1AI score0.00558EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2012/10/17 12:0 a.m.20 views

bogofilter -- heap corruption by invalid base64 input

David Relson reports: Fix a heap corruption in base64 decoder on invalid input. Analysis and patch by Julius Plenz, FU Berlin, Germany...

7.5CVSS6.7AI score0.06259EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2012/01/31 12:0 a.m.20 views

bugzilla -- multiple vulnerabilities

A Bugzilla Security Advisory reports: The following security issues have been discovered in Bugzilla: Account Impersonation: When a user creates a new account, Bugzilla doesn't correctly reject email addresses containing non-ASCII characters, which could be used to impersonate another user accoun...

6.6AI score
Exploits0References2
FreeBSD
FreeBSD
added 2011/12/21 12:0 a.m.20 views

plib -- buffer overflow

Secunia reports: A vulnerability has been discovered in PLIB, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to a boundary error within the "ulSetError" function src/util/ulError.cxx when creating the error message, which...

9.3CVSS6.9AI score0.12795EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2011/11/02 12:0 a.m.20 views

caml-light -- insecure use of temporary files

caml-light uses mktemp insecurely, and also does unsafe things in /tmp during make install...

9.8CVSS9.2AI score0.01831EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2011/10/23 12:0 a.m.20 views

phpLDAPadmin -- Remote PHP code injection vulnerability

EgiX n0b0d13s at gmail dot com reports: The $sortby parameter passed to 'masort' function in file lib/functions.php isn't properly sanitized before being used in a call to createfunction at line 1080. This can be exploited to inject and execute arbitrary PHP code. The only possible attack vector ...

1.5AI score
Exploits0References2
FreeBSD
FreeBSD
added 2011/04/07 12:0 a.m.20 views

VLC -- Heap corruption in MP4 demultiplexer

VideoLAN project reports: When parsing some MP4 MPEG-4 Part 14 files, insufficient buffer size might lead to corruption of the heap...

2.5AI score
Exploits0References1
FreeBSD
FreeBSD
added 2011/01/23 12:0 a.m.20 views

maradns -- denial of service when resolving a long DNS hostname

MaraDNS developer Sam Trenholme reports: ... a mistake in allocating an array of integers, allocating it in bytes instead of sizeofint units. This resulted in a buffer being too small, allowing it to be overwritten. The impact of this programming error is that MaraDNS can be crashed by sending...

7.5CVSS3AI score0.05169EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2010/11/16 12:0 a.m.20 views

wordpress -- SQL injection vulnerability

Vendor reports: SQL injection vulnerability in the dotrackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field...

6CVSS7.9AI score0.03139EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2010/09/28 12:0 a.m.20 views

horde-imp -- XSS vulnerability

The Horde team reports: Thanks to Naumann IT Security Consulting for reporting the XSS vulnerability. The major changes compared to IMP version H3 4.3.7 are: Fixed an XSS vulnerability in the Fetchmail configuration...

2.2AI score
Exploits0References2
FreeBSD
FreeBSD
added 2010/07/08 12:0 a.m.20 views

redmine -- multiple vulnerabilities

Eric Davis reports: This security release addresses some security vulnerabilities found in the advanced subversion integration module Redmine.pm perl script...

1.6AI score
Exploits0References1
FreeBSD
FreeBSD
added 2010/06/28 12:0 a.m.20 views

bogofilter -- heap underrun on malformed base64 input

Julius Plenz reports: I found a bug in the base64decode function which may cause memory corruption when the function is executed on a malformed base64 encoded string. If a string starting with an equal-sign is passed to the base64decode function it triggers a memory corruption that in some cases...

5CVSS6.6AI score0.03441EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2010/03/09 12:0 a.m.20 views

egroupware -- two vulnerabilities

Egroupware Team report: Nahuel Grisolia from CYBSEC S.A. Security Systems found two security problems in EGroupware: Serious remote command execution allowing to run arbitrary command on the web server by simply issuing a HTTP request!. A reflected cross-site scripting XSS. Both require NO valid...

1AI score
Exploits0References2
FreeBSD
FreeBSD
added 2008/10/03 12:0 a.m.20 views

openx -- sql injection vulnerability

Secunia reports: OpenX can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "bannerid" parameter in www/delivery/ac.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code...

3.2AI score
Exploits0References2
FreeBSD
FreeBSD
added 2008/08/05 12:0 a.m.20 views

twiki -- Arbitrary code execution in session files

Th1nk3r reports: The version of TWiki installed on the remote host allows access to the 'configure' script and fails to sanitize the 'image' parameter of that script of directory traversal sequences before returning the file contents when the 'action' parameter is set to 'image'. An unauthenticat...

6.8CVSS6.5AI score0.0828EPSS
Exploits6References4
FreeBSD
FreeBSD
added 2008/06/10 12:0 a.m.20 views

Courier Authentication Library -- SQL Injection

Secunia reports: A vulnerability has been reported in the Courier Authentication Library, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via e.g. the username to the library is not properly sanitised before being used in SQL queries. This can be exploite...

2.9AI score
Exploits0References1
FreeBSD
FreeBSD
added 2008/01/08 12:0 a.m.20 views

geeklog xss vulnerability

Geeklog reports: MustLive pointed out a possible XSS in the form to email an article to a friend that we're fixing with this release. Please note that this problem only exists in Geeklog 1.4.0 - neither Geeklog 1.4.1 nor any older versions 1.3.x series have that problem...

4.3CVSS5.9AI score0.01518EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2007/10/17 12:0 a.m.20 views

opera -- multiple vulnerabilities

An advisory from Opera reports: If a user has configured Opera to use an external newsgroup client or e-mail application, specially crafted Web pages can cause Opera to run that application incorrectly. In some cases this can lead to execution of arbitrary code. When accesing frames from differen...

6.6AI score
Exploits0References3
FreeBSD
FreeBSD
added 2007/10/09 12:0 a.m.20 views

ldapscripts -- Command Line User Credentials Disclosure

Ganael Laplanche reports: Up to now, each ldap command was called with the -w parameter, which allows to specify the bind password on the command line. Unfortunately, this could make the password appear to anybody performing a ps during the call. This is now avoided by using the -y parameter and ...

2.1CVSS6.5AI score0.00341EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2006/05/31 12:0 a.m.20 views

dokuwiki -- multiple vulnerabilities

Multiple vulnerabilities have been reported within dokuwiki. dokuwiki is proven vulnerable to: arbitrary PHP code insertion via spellcheck module, XSS attack via "Update your account profile," bypassing of ACL controls when enabled...

3AI score
Exploits0References3
FreeBSD
FreeBSD
added 2006/03/06 12:0 a.m.20 views

freeciv -- Packet Parsing Denial of Service Vulnerability

Secunia reports: Luigi Auriemma has reported a vulnerability in Freeciv, which can be exploited by malicious people to cause a DoS Denial of Service. The vulnerability is caused due to an error within the handling of the packet length in "common/packets.c". This can be exploited to crash the...

5CVSS6.2AI score0.07701EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2006/03/06 12:0 a.m.20 views

pubcookie-login-server -- cross site scripting vulnerability

Nathan Dors of the Pubcookie Project reports: Multiple non-persistent XSS vulnerabilities were found in the Pubcookie login server's compiled binary "index.cgi" CGI program. The CGI program mishandles untrusted data when printing responses to the browser. This makes the program vulnerable to...

0.5AI score
Exploits0
FreeBSD
FreeBSD
added 2006/02/20 12:0 a.m.20 views

coppermine -- File Inclusion Vulnerabilities

Secunia reports: Coppermine Photo Gallery have a vulnerability, which can be exploited by malicious people and by malicious users to compromise a vulnerable system. 1 Input passed to the "lang" parameter in include/init.inc.php isn't properly verified, before it is used to include files. This can...

5CVSS7AI score0.02307EPSS
Exploits2References2
FreeBSD
FreeBSD
added 2005/10/01 12:0 a.m.20 views

cfengine -- arbitrary file overwriting vulnerability

A Debian Security Advisory reports: Javier Fernández-Sanguino Peña discovered several insecure temporary file uses in cfengine, a tool for configuring and maintaining networked machines, that can be exploited by a symlink attack to overwrite arbitrary files owned by the user executing cfengine,...

2.1CVSS6.3AI score0.00428EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2005/07/28 12:0 a.m.20 views

opera -- download dialog spoofing vulnerability

A Secunia Advisory reports: Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to an error in the handling of extended ASCII codes in the download dialog. This can be...

2.7AI score
Exploits0References2
FreeBSD
FreeBSD
added 2005/06/27 12:0 a.m.20 views

Macromedia flash player -- swf file handling arbitrary code

A Secunia Advisory reports: A vulnerability has been reported in Macromedia Flash Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to missing validation of the frame type identifier that is read from a SWF file. This value is used a...

3.9AI score
Exploits0References3
FreeBSD
FreeBSD
added 2005/04/14 12:0 a.m.20 views

oops -- format string vulnerability

A RST/GHC Advisory reports that there is an format string vulnerability in oops. The vulnerability can be found in the MySQL/PgSQL authentication module. Succesful exploitation may allow execution of arbitrary code...

5CVSS6.9AI score0.02298EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2005/02/28 12:0 a.m.20 views

phpbb -- Insuffient check against HTML code in usercp_register.php

Neo Security Team reports: If we specify a variable in the html code any type: hidden, text, radio, check, etc with the name allowhtml, allowbbcode or allowsmilies, is going to be on the html, bbcode and smilies in our signature. This is a low risk vulnerability that allows users to bypass...

2.9AI score
Exploits0References2
FreeBSD
FreeBSD
added 2005/01/20 12:0 a.m.20 views

gforge -- directory traversal vulnerability

An STG Security Advisory reports: GForge CVS module made by Dragos Moinescu and another module made by Ronald Petty have a directory traversal vulnerability. ... malicious attackers can read arbitrary directory lists...

5CVSS6.6AI score0.01713EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/01/18 12:0 a.m.20 views

newsgrab -- directory traversal vulnerability

The newsgrab script creates files by using the names provided in the newsgroup messages in a perl open call. This is done without performing any security checks to prevent a directory traversal. A specially crafted newsgroup message could cause newsgrab to drop an attachment anywhere on the file...

1.9AI score
Exploits2References2
FreeBSD
FreeBSD
added 2005/01/05 12:0 a.m.20 views

kstars -- exploitable set-user-ID application fliccd

A KDE Security Advisory explains: Overview KStars includes support for the Instrument Neutral Distributed Interface INDI. The build system of this extra 3rd party software contained an installation hook to install fliccd part of INDI as SUID root application. Erik Sjölund discovered that the code...

10CVSS7AI score0.04924EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/12/15 12:0 a.m.20 views

libxine -- buffer-overflow vulnerability in aiff support

Due to a buffer overflow in the openaifffile function in demuxaiff.c, a remote attacker is able to execute arbitrary code via a modified AIFF file...

10CVSS6.4AI score0.09107EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2004/10/19 12:0 a.m.20 views

gaim -- MSN denial-of-service vulnerabilities

The Gaim team discovered denial-of-service vulnerabilities in the MSN protocol handler: After accepting a file transfer request, Gaim will attempt to allocate a buffer of a size equal to the entire filesize, this allocation attempt will cause Gaim to crash if the size exceeds the amount of...

1AI score
Exploits0References2
FreeBSD
FreeBSD
added 2004/10/18 12:0 a.m.20 views

sudo -- environmental variable CDPATH is not cleared

A sudo bug report says: sudo doesn't unset the CDPATH variable, which leads to possible security problems...

1.8AI score
Exploits0References2
FreeBSD
FreeBSD
added 2004/10/06 12:0 a.m.20 views

horde -- cross-site scripting vulnerability in help window

A Horde Team announcement states that a potential cross-site scripting vulnerability in the help window has been corrected. The vulnerability appears to involve the handling of the topic and module parameters of the help window template...

2.2AI score
Exploits0References1
FreeBSD
FreeBSD
added 2004/09/15 12:0 a.m.20 views

php -- php_variables memory disclosure

Stefano Di Paola reports: Bad array parsing in phpvariables.c could lead to show arbitrary memory content such as pieces of php code and other data. This affects all GET, POST or COOKIES variables...

3.5AI score
Exploits0References1
FreeBSD
FreeBSD
added 2004/08/25 12:0 a.m.20 views

tor -- remote DoS and loss of anonymity

Tor has various remote crashes which could lead to a remote denial-of-service and be used to defeat clients anonymity. It is not expected that these vulnerabilities are exploitable for arbitrary code execution...

2.3AI score
Exploits0References2
FreeBSD
FreeBSD
added 2004/02/15 12:0 a.m.20 views

mnGoSearch buffer overflow in UdmDocToTextBuf()

Jedi/Sector One reported the following on the full-disclosure list: Every document is stored in multiple parts according to its sections description, body, etc in databases. And when the content has to be sent to the client, UdmDocToTextBuf concatenates those parts together and skips metadata...

6.1AI score
Exploits0References1
FreeBSD
FreeBSD
added 2004/02/09 12:0 a.m.20 views

Samba 3.0.x password initialization bug

From the Samba 3.0.2 release notes: Security Announcement: It has been confirmed that previous versions of Samba 3.0 are susceptible to a password initialization bug that could grant an attacker unauthorized access to a user account created by the mksmbpasswd.sh shell script...

7.5CVSS6.2AI score0.03497EPSS
Exploits0References1
Total number of security vulnerabilities5000