Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
•added 2012/06/04 12:0 a.m.•46 views

dns/bind9* -- zero-length RDATA can cause named to terminate, reveal memory

ISC reports: Processing of DNS resource records where the rdata field is zero length may cause various issues for the servers handling them. Processing of these records may lead to unexpected outcomes. Recursive servers may crash or disclose some portion of memory to the client. Secondary servers...

8.5CVSS8.7AI score0.13405EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2012/03/12 12:0 a.m.•46 views

OpenSSL -- CMS and S/MIME Bleichenbacher attack

The OpenSSL Team reports: A weakness in the OpenSSL CMS and PKCS 7 code can be exploited using Bleichenbacher's attack on PKCS 1 v1.5 RSA padding also known as the million message attack MMA. Only users of CMS, PKCS 7, or S/MIME decryption operations are affected. A successful attack needs on...

5CVSS8.1AI score0.13075EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2012/01/30 12:0 a.m.•46 views

sudo -- format string vulnerability

Todd Miller reports: Sudo 1.8.0 introduced simple debugging support that was primarily intended for use when developing policy or I/O logging plugins. The sudodebug function contains a flaw where the program name is used as part of the format string passed to the fprintf function. The program nam...

7.2CVSS7.5AI score0.02992EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2011/12/16 12:0 a.m.•46 views

phpMyAdmin -- Multiple XSS

The phpMyAdmin development team reports: Using crafted url parameters, it was possible to produce XSS on the export panels in the server, database and table sections. Crafted values entered in the setup interface can produce XSS; also, if the config directory exists and is writeable, the XSS...

5.9AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2011/03/07 12:0 a.m.•46 views

postfix -- plaintext command injection with SMTP over TLS

Wietse Venema has discovered a software flaw that allows an attacker to inject client commands into an SMTP session during the unprotected plaintext SMTP protocol phase, such that the server will execute those commands during the SMTP- over-TLS protocol phase when all communication is supposed to...

6.8CVSS3AI score0.16334EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2010/04/09 12:0 a.m.•46 views

sudo -- Privilege escalation with sudoedit

Todd Miller reports: Sudo's command matching routine expects actual commands to include one or more slash '/' characters. The flaw is that sudo's path resolution code did not add a "./" prefix to commands found in the current working directory. This creates an ambiguity between a "sudoedit" comma...

6.9CVSS6.7AI score0.00402EPSS
Exploits2References2
FreeBSD
FreeBSD
•added 2010/02/08 12:0 a.m.•46 views

otrs -- SQL injection

OTRS Security Advisory reports: Missing security quoting for SQL statements allows agents and customers to manipulate SQL queries. So it's possible for authenticated users to inject SQL queries via string manipulation of statements. A malicious user may be able to manipulate SQL queries to read o...

6.5CVSS6.6AI score0.01928EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2009/11/24 12:0 a.m.•46 views

libvorbis -- multiple vulnerabilities

The Ubuntu security team reports: It was discovered that libvorbis did not correctly handle certain malformed vorbis files. If a user were tricked into opening a specially crafted vorbis file with an application that uses libvorbis, an attacker could cause a denial of service or possibly execute...

9.7AI score
Exploits0
FreeBSD
FreeBSD
•added 2009/05/05 12:0 a.m.•46 views

cups -- remote code execution and DNS rebinding

Gentoo security team summarizes: The following issues were reported in CUPS: iDefense reported an integer overflow in the cupsImageReadTIFF function in the "imagetops" filter, leading to a heap-based buffer overflow CVE-2009-0163. Aaron Siegel of Apple Product Security reported that the CUPS web...

6.8CVSS1.2AI score0.04246EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2009/04/16 12:0 a.m.•46 views

xpdf -- multiple vulnerabilities

Secunia reports: Some vulnerabilities have been reported in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. A boundary error exists when decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow and potential...

7.5CVSS8.8AI score0.07347EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/12/28 12:0 a.m.•46 views

xterm -- DECRQSS remote command execution vulnerability

SecurityFocus reports: The xterm program is prone to a remote command-execution vulnerability because it fails to sufficiently validate user input. Successfully exploiting this issue would allow an attacker to execute arbitrary commands on an affected computer in the context of the affected...

9.3CVSS7.2AI score0.04974EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2008/12/04 12:0 a.m.•46 views

php -- multiple vulnerabilities

Secunia reports: Some vulnerabilities have been reported in PHP, where some have an unknown impact and others can potentially be exploited by malicious people to cause a DoS Denial of Service or compromise a vulnerable system. An input validation error exists within the "ZipArchive::extractTo"...

7.5CVSS7.1AI score0.06847EPSS
Exploits6References5
FreeBSD
FreeBSD
•added 2008/10/05 12:0 a.m.•46 views

dovecot -- ACL plugin bypass vulnerabilities

Timo Sirainen reports in dovecot 1.1.4 release notes: ACL plugin fixes: Negative rights were actually treated as positive rights. 'k' right didn't prevent creating parent/child/child mailbox. ACL groups weren't working...

5CVSS6.5AI score0.01679EPSS
Exploits0
FreeBSD
FreeBSD
•added 2008/04/10 12:0 a.m.•46 views

python -- Integer Signedness Error in zlib Module

Justin Ferguson reports: Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow...

7.5CVSS6.2AI score0.22621EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/03/21 12:0 a.m.•46 views

php -- integer overflow vulnerability

CVE reports: Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the phpsprintfappendstring function in formattedprint.c and...

5CVSS6.8AI score0.02139EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2007/09/18 12:0 a.m.•46 views

mozilla -- code execution via Quicktime media-link files

The Mozilla Foundation reports a vulnerability within the mozilla browser. This vulnerability also affects various other browsers like firefox and seamonkey. The vulnerability is caused by QuickTime Media-Link files that contain a qtnext attribute. This could allow an attacker to start the browse...

5CVSS6.5AI score0.12383EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2006/07/10 12:0 a.m.•46 views

samba -- memory exhaustion DoS in smbd

The Samba Team reports: The smbd daemon maintains internal data structures used track active connections to file and printer shares. In certain circumstances an attacker may be able to continually increase the memory usage of an smbd process by issuing a large number of share connection requests...

5CVSS6.3AI score0.05503EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2006/05/18 12:0 a.m.•46 views

drupal -- multiple vulnerabilities

The Drupal team reports: Vulnerability: XSS Vulnerability in taxonomy module It is possible for a malicious user to insert and execute XSS into terms, due to lack of validation on output of the page title. The fix wraps the display of terms in checkplain...

2.6CVSS5.8AI score0.02536EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2006/05/02 12:0 a.m.•46 views

MySQL -- Information Disclosure and Buffer Overflow Vulnerabilities

Secunia reports: MySQL have some vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information and compromise a vulnerable system. 1 An error within the code that generates an error response to an invalid COMTABLEDUMP packet can be exploited by an...

6.5CVSS6.9AI score0.35984EPSS
Exploits0References7
FreeBSD
FreeBSD
•added 2005/06/29 12:0 a.m.•46 views

pear-XML_RPC -- arbitrary remote code execution

GulfTech Security Research Team reports: PEAR XMLRPC is vulnerable to a very high risk php code injection vulnerability due to unsanatized data being passed into an eval call...

7.5CVSS6.8AI score0.79071EPSS
Exploits5References2
FreeBSD
FreeBSD
•added 2005/06/28 12:0 a.m.•46 views

wordpress -- multiple vulnerabilities

GulfTech Security Research reports: There are a number of vulnerabilities in WordPress that may allow an attacker to ultimately run arbitrary code on the vulnerable system. These vulnerabilities include SQL Injection, Cross Site Scripting, and also issues that may aid an attacker in social...

7.5CVSS6.9AI score0.0932EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2005/03/17 12:0 a.m.•46 views

lsh -- multiple vulnerabilities

Secunia reports: A vulnerability has been reported in LSH, which potentially can be exploited by malicious people to cause a DoS Denial of Service...

7.5CVSS6.3AI score0.11818EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/02/10 12:0 a.m.•46 views

awstats -- arbitrary command execution

Several input validation errors exist in AWStats that allow a remote unauthenticated attacker to execute arbitrary commands with the priviliges of the web server. These programming errors involve CGI parameters including loadplugin, logfile, pluginmode, update, and possibly others. Additionally,...

7.5CVSS7.2AI score0.07365EPSS
Exploits3References4
FreeBSD
FreeBSD
•added 2004/10/21 12:0 a.m.•46 views

xpdf -- integer overflow vulnerabilities

Chris Evans discovered several integer arithmetic overflows in the xpdf 2 and xpdf 3 code bases. The flaws have impacts ranging from denial-of-service to arbitrary code execution...

7.1AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2004/08/11 12:0 a.m.•46 views

qt -- image loader vulnerabilities

Qt contains several vulnerabilities related to image loading, including possible crashes when loading corrupt GIF, BMP, or JPEG images. Most seriously, Chris Evans reports that the BMP crash is actually due to a heap buffer overflow. It is believed that an attacker may be able to construct a BMP...

7.5AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2023/12/19 12:0 a.m.•45 views

FreeBSD -- Prefix Truncation Attack in the SSH protocol

Problem Description: The SSH protocol executes an initial handshake between the server and the client. This protocol handshake includes the possibility of several extensions allowing different options to be selected. Validation of the packets in the handshake is done through sequence numbers...

5.9CVSS7.4AI score0.93305EPSS
Exploits4
FreeBSD
FreeBSD
•added 2023/08/31 12:0 a.m.•45 views

Gitlab -- Vulnerabilities

Gitlab reports: Privilege escalation of "external user" to internal access through group service account Maintainer can leak sentry token by changing the configured URL fix bypass Google Cloud Logging private key showed in plain text in GitLab UI leaking to other group owners Information disclosu...

7.5CVSS6.3AI score0.00703EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/08/01 12:0 a.m.•45 views

FreeBSD -- Remote denial of service in IPv6 fragment reassembly

Problem Description: Each fragment of an IPv6 packet contains a fragment header which specifies the offset of the fragment relative to the original packet, and each fragment specifies its length in the IPv6 header. When reassembling the packet, the kernel calculates the complete IPv6 payload...

7.5CVSS7AI score0.0054EPSS
Exploits0
FreeBSD
FreeBSD
•added 2023/03/21 12:0 a.m.•45 views

curl -- multiple vulnerabilities

Wei Chong Tan, Harry Sintonen, and Hiroki Kurosawa reports: This update fixes 4 security vulnerabilities: Medium CVE-2023-28319: UAF in SSH sha256 fingerprint check. Reported by Wei Chong Tan on 2023-03-21 Low CVE-2023-28320: siglongjmp race condition. Reported by Harry Sintonen on 2023-04-02 Low...

7.5CVSS7AI score0.02658EPSS
Exploits4References4
FreeBSD
FreeBSD
•added 2022/11/29 12:0 a.m.•45 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 28 security fixes, including: 1379054 High CVE-2022-4174: Type Confusion in V8. Reported by Zhenghang Xiao @Kipreyyy on 2022-10-27 1381401 High CVE-2022-4175: Use after free in Camera Capture. Reported by Leecraso and Guang Gong of 360 Alpha Lab on...

8.8CVSS0.1AI score0.23918EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2022/09/07 12:0 a.m.•45 views

Grafana -- Improper authentication

Grafana Labs reports: On September 7, as a result of an internal security audit, we discovered a security vulnerability in Grafana’s basic authentication related to the usage of username and email address. n Grafana, a user’s username and email address are unique fields, which means no other user...

7.8CVSS6.5AI score0.01228EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/06/01 12:0 a.m.•45 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Stealing GitLab OAuth access tokens using XSLeaks in Safari Denial of service through recursive triggered pipelines Unauthenticated CI lint API may lead to information disclosure and SSRF Server-side DoS through rendering crafted Markdown documents Issue and merge request length...

7.7CVSS1.4AI score0.01058EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/05/13 12:0 a.m.•45 views

PostgreSQL -- Memory disclosure in partitioned-table UPDATE ... RETURNING

The PostgreSQL project reports: Using an UPDATE ... RETURNING on a purpose-crafted partitioned table, an attacker can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can create prerequisite objects and complete this attack at will. A user lacki...

6.5CVSS2.1AI score0.01398EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/02/25 12:0 a.m.•45 views

salt -- multiple vulnerabilities

SaltStack reports multiple security vulnerabilities in Salt CVE-2021-3197: The Salt-API.s SSH client is vulnerable to a shell injection by including ProxyCommand in an argument, or via sshoptions provided in an API request. CVE-2021-25281: The Salt-API does not have eAuth credentials for the...

9.8CVSS3.4AI score0.92312EPSS
Exploits8References1
FreeBSD
FreeBSD
•added 2021/01/26 12:0 a.m.•45 views

jenkins -- Arbitrary file read vulnerability in workspace browsers

Jenkins Security Advisory: Description Medium SECURITY-2197 / CVE-2021-21615 Arbitrary file read vulnerability in workspace browsers...

5.3CVSS3.5AI score0.00899EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/11/02 12:0 a.m.•45 views

Gitlab -- Multiple vulnerabilities

Gitlab reports: Path Traversal in LFS Upload Path traversal allows saving packages in arbitrary location Kubernetes agent API leaks private repos Terraform state deletion API exposes object storage URL Stored-XSS in error message of build-dependencies Git credentials persisted on disk Potential...

8.7CVSS4AI score0.68639EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/07/15 12:0 a.m.•45 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description High SECURITY-1868 / CVE-2020-2220 Stored XSS vulnerability in job build time trend High SECURITY-1901 / CVE-2020-2221 Stored XSS vulnerability in upstream cause High SECURITY-1902 / CVE-2020-2222 Stored XSS vulnerability in 'keep forever' badge icons High...

5.4CVSS0.2AI score0.01126EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/03/26 12:0 a.m.•45 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Arbitrary File Read when Moving an Issue Path Traversal in NPM Package Registry SSRF on Project Import External Users Can Create Personal Snippet Triggers Decription Can be Updated by Other Maintainers in Project Information Disclosure on Confidential Issues Moved to Private...

9.8CVSS2AI score0.01448EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/01/14 12:0 a.m.•45 views

samba -- multiple vulnerabilities

The Samba Team reports: CVE-2019-14902 The implementation of ACL inheritance in the Samba AD DC was not complete, and so absent a 'full-sync' replication, ACLs could get out of sync between domain controllers. CVE-2019-14907 When processing untrusted string input Samba can read past the end of th...

6.5CVSS2.6AI score0.03151EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/11/27 12:0 a.m.•45 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Unauthorized access to grafana metrics Update Mattermost dependency...

4.3CVSS2.5AI score0.00764EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/09/10 12:0 a.m.•45 views

OpenSSL -- Multiple vulnerabilities

The OpenSSL project reports: ECDSA remote timing attack CVE-2019-1547 Low Fork Protection CVE-2019-1549 Low OpenSSL 1.1.1 only...

5.3CVSS2.8AI score0.06232EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/13 12:0 a.m.•45 views

h2o -- multiple HTTP/2 vulnerabilities

Jonathon Loomey of Netflix reports: HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion Recently, a series of DoS attack vulnerabilities have been reported on a broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is exposed to the following: CVE-2019-95...

7.8CVSS1.7AI score0.87806EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2019/05/22 12:0 a.m.•45 views

Vim/NeoVim -- Security vulnerability

Security releases for Vim/NeoVim: Sandbox escape allows for arbitrary code execution...

9.3CVSS3.2AI score0.19111EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2019/05/17 12:0 a.m.•45 views

Payara -- A Polymorphic Typing issue in FasterXML jackson-databind

Payara Releases reports: The following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases: CVE-2019-12086 A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9...

7.5CVSS2.6AI score0.21949EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2017/10/16 12:0 a.m.•45 views

WPA packet number reuse with replayed messages and key reinstallation

wpasupplicant developers report: A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys TK, GTK, or IGTK by replaying a specific frame that is used to manage the keys...

8.1CVSS7.2AI score0.04575EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2017/08/10 12:0 a.m.•45 views

cvs -- Remote code execution via ssh command injection

Hank Leininger reports: Bugs in Git, Subversion, and Mercurial were just announced and patched which allowed arbitrary local command execution if a malicious name was used for the remote server, such as starting with - to pass options to the ssh client: git clone...

7.5CVSS7.8AI score0.05968EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2016/08/17 12:0 a.m.•45 views

phpmyadmin -- multiple vulnerabilities

The phpmyadmin development team reports: Weakness with cookie encryption Multiple XSS vulnerabilities Multiple XSS vulnerabilities PHP code injection Full path disclosure SQL injection attack Local file exposure Local file exposure through symlinks with UploadDir Path traversal with SaveDir and...

2AI score
Exploits0References27
FreeBSD
FreeBSD
•added 2016/07/26 12:0 a.m.•45 views

xen-kernel -- x86: Missing SMAP whitelisting in 32-bit exception / event delivery

The Xen Project reports: Supervisor Mode Access Prevention is a hardware feature designed to make an Operating System more robust, by raising a pagefault rather than accidentally following a pointer into userspace. However, legitimate accesses into userspace require whitelisting, and the exceptio...

6.2CVSS2.5AI score0.00639EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/06/20 12:0 a.m.•45 views

Apache Commons FileUpload -- denial of service (DoS) vulnerability

Mark Thomas reports: CVE-2016-3092 is a denial of service vulnerability that has been corrected in the Apache Commons FileUpload component. It occurred when the length of the multipart boundary was just below the size of the buffer 4096 bytes used to read the uploaded file. This caused the file...

7.8CVSS2AI score0.35927EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2016/06/09 12:0 a.m.•45 views

wget -- HTTP to FTP redirection file name confusion vulnerability

Giuseppe Scrivano reports: On a server redirect from HTTP to a FTP resource, wget would trust the HTTP server and uses the name in the redirected URL as the destination filename...

8.8CVSS8.7AI score0.45935EPSS
Exploits8References1
Total number of security vulnerabilities5000