Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
•added 2012/04/19 12:0 a.m.•44 views

OpenSSL -- integer conversions result in memory corruption

OpenSSL security team reports: A potentially exploitable vulnerability has been discovered in the OpenSSL function asn1d2ireadbio. Any application which uses BIO or FILE based functions to read untrusted DER format data is vulnerable. Affected functions are of the form d2ibio or d2ifp, for exampl...

7.5CVSS8.7AI score0.48298EPSS
Exploits8References2
FreeBSD
FreeBSD
•added 2010/08/04 12:0 a.m.•44 views

openoffice.org -- Multiple vulnerabilities

OpenOffice.org Security Team reports: Fixed in OpenOffice.org 3.3 CVE-2010-2935 / CVE-2010-2936: Security Vulnerability in OpenOffice.org related to PowerPoint document processing CVE-2010-3450: Security Vulnerability in OpenOffice.org related to Extensions and filter package files CVE-2010-3451 ...

9.3CVSS7.2AI score0.10731EPSS
Exploits2References2
FreeBSD
FreeBSD
•added 2008/04/12 12:0 a.m.•44 views

png -- unknown chunk processing uninitialized memory access

Secunia reports: Tavis Ormandy has reported a vulnerability in libpng, which can be exploited by malicious people to cause a Denial of Service, disclose potentially sensitive information, or potentially compromise an application using the library. The vulnerability is caused due to the improper...

7.5CVSS7.3AI score0.05514EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/01/06 12:0 a.m.•44 views

postgresql -- multiple vulnerabilities

The PostgreSQL developers report: PostgreSQL allows users to create indexes on the results of user-defined functions, known as "expression indexes". This provided two vulnerabilities to privilege escalation: 1 index functions were executed as the superuser and not the table owner during VACUUM an...

6.5CVSS9.4AI score0.03844EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2007/11/14 12:0 a.m.•44 views

gtar -- GNU TAR safer_name_suffix Remote Denial of Service Vulnerability

SecurityFocus reports: GNUs tar and cpio utilities are prone to a denial-of-service vulnerability because of insecure use of the alloca function. Successfully exploiting this issue allows attackers to crash the affected utilities and possibly to execute code but this has not been confirmed...

7.5CVSS7.6AI score0.14902EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2005/05/23 12:0 a.m.•44 views

net-snmp -- fixproc insecure temporary file creation

A Gentoo advisory reports: Net-SNMP creates temporary files in an insecure manner, possibly allowing the execution of arbitrary code. A malicious local attacker could exploit a race condition to change the content of the temporary files before they are executed by fixproc, possibly leading to the...

10CVSS6.4AI score0.0864EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/07/16 12:0 a.m.•44 views

apache13-modssl -- format string vulnerability in proxy support

A OpenPKG Security Advisory reports: Triggered by a report to Packet Storm from Virulent, a format string vulnerability was found in modssl, the Apache SSL/TLS interface to OpenSSL, version up to and including 2.8.18 for Apache 1.3. The modssl in Apache 2.x is not affected. The vulnerability coul...

7.5CVSS6.2AI score0.05802EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2004/05/19 12:0 a.m.•44 views

subversion date parsing vulnerability

Stefan Esser reports: Subversion versions up to 1.0.2 are vulnerable to a date parsing vulnerability which can be abused to allow remote code execution on Subversion servers and therefore could lead to a repository compromise. NOTE: This vulnerability is similar to the date parsing issue that...

7.5CVSS7AI score0.7525EPSS
Exploits8References1
FreeBSD
FreeBSD
•added 2024/07/10 12:0 a.m.•43 views

Gitlab -- vulnerabilities

Gitlab reports: An attacker can run pipeline jobs as an arbitrary user Developer user with admincomplianceframework permission can change group URL Admin push rules custom role allows creation of project level deploy token Package registry vulnerable to manifest confusion User with admingroupmemb...

9.8CVSS7AI score0.06036EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2024/07/04 12:0 a.m.•43 views

Apache httpd -- source code disclosure

The Apache httpd project reports: isource code disclosure with handlers configured via AddType CVE-2024-39884 Important. A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under so...

6.2CVSS6.9AI score0.00889EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/11/13 12:0 a.m.•43 views

varnish -- HTTP/2 Rapid Reset Attack

Varnish Cache Project reports: A denial of service attack can be performed on Varnish Cache servers that have the HTTP/2 protocol turned on. An attacker can create a large volume of streams and immediately reset them without ever reaching the maximum number of concurrent streams allowed for the...

7.5CVSS7.4AI score0.99999EPSS
Exploits19References1
FreeBSD
FreeBSD
•added 2023/09/13 12:0 a.m.•43 views

curl -- HTTP headers eat all memory

selmelc on hackerone reports: When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stre...

7.5CVSS6.9AI score0.62246EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/05/11 12:0 a.m.•43 views

postgresql-server -- Row security policies disregard user ID changes after inlining

PostgreSQL Project reports While CVE-2016-2193 fixed most interaction between row security and user ID changes, it missed a scenario involving function inlining. This leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned...

5.4CVSS7AI score0.00694EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/04/05 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 16 security fixes: 1414018 High CVE-2023-1810: Heap buffer overflow in Visuals. Reported by Weipeng Jiang @Krace of VRI on 2023-02-08 1420510 High CVE-2023-1811: Use after free in Frames. Reported by Thomas Orlita on 2023-03-01 1418224 Medium...

8.8CVSS8.6AI score0.01077EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/04/04 12:0 a.m.•43 views

go -- multiple vulnerabilities

The Go project reports: go/parser: infinite loop in parsing Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow. html/template: backticks not treated as string delimiters Templates di...

9.8CVSS7.8AI score0.02281EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/02/16 12:0 a.m.•43 views

FreeBSD -- OpenSSH pre-authentication double free

Problem Description: A flaw in the backwards-compatibility key exchange route allows a pointer to be freed twice. Impact: A remote, unauthenticated attacker may be able to cause a denial of service, or possibly remote code execution. Note that FreeBSD 12.3 and FreeBSD 13.1 include older versions ...

6.5CVSS7.8AI score0.89955EPSS
Exploits10
FreeBSD
FreeBSD
•added 2022/11/24 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 1 security fix: 1392715 High CVE-2022-4135: Heap buffer overflow in GPU. Reported by Clement Lecigne of Google's Threat Analysis Group on 2022-11-22 Google is aware that an exploit for CVE-2022-4135 exists in the wild...

9.6CVSS1.2AI score0.31864EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2022/09/26 12:0 a.m.•43 views

unbound -- Non-Responsive Delegation Attack

A vulnerability named 'Non-Responsive Delegation Attack' NRDelegation Attack has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by querying a resolver for...

7.5CVSS3.2AI score0.01293EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/09/07 12:0 a.m.•43 views

Grafana -- Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins

Grafana Labs reports: On September 7th as a result of an internal security audit we have discovered that Grafana could leak the authentication cookie of users to plugins. After further analysis the vulnerability impacts data source and plugin proxy endpoints under certain conditions. We believe...

7.8CVSS6.4AI score0.01228EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/08/16 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 11 security fixes, including: 1349322 Critical CVE-2022-2852: Use after free in FedCM. Reported by Sergei Glazunov of Google Project Zero on 2022-08-02 1337538 High CVE-2022-2854: Use after free in SwiftShader. Reported by Cassidy Kim of Amber Securi...

8.8CVSS0.7AI score0.04493EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2022/02/14 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 11 security fixes, including: 1290008 High CVE-2022-0603: Use after free in File Manager. Reported by Chaoyuan Peng @ret2happy on 2022-01-22 1273397 High CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace on 2021-11-24 1286940 High...

8.8CVSS0.23546EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/01/10 12:0 a.m.•43 views

Node.js -- January 2022 Security Releases

Node.js reports: Improper handling of URI Subject Alternative Names MediumCVE-2021-44531 Accepting arbitrary Subject Alternative Name SAN types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN...

8.2CVSS1.5AI score0.21514EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2021/10/19 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 19 security fixes, including: 1246631 High CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang @dnpushme of 360 ATA on 2021-09-04 1248661 High CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang @Krace from Codesafe...

9.6CVSS1.2AI score0.01EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/02/24 12:0 a.m.•43 views

FreeBSD -- Xen grant mapping error handling issues

Problem Description: Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one reported to the backend driver, and the backend driver then loops over the results, performing follow-up actions based on...

5.5CVSS6.6AI score0.00346EPSS
Exploits0
FreeBSD
FreeBSD
•added 2021/02/16 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 10 security fixes, including: 1138143 High CVE-2021-21149: Stack overflow in Data Transfer. Reported by Ryoya Tsukasaki on 2020-10-14 1172192 High CVE-2021-21150: Use after free in Downloads. Reported by Woojin Oh@pwnexpoit of STEALIEN on 2021-01-29...

9.6CVSS0.7AI score0.09458EPSS
Exploits8References1
FreeBSD
FreeBSD
•added 2021/01/06 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release includes 16 security fixes, including: 1148749 High CVE-2021-21106: Use after free in autofill. Reported by Weipeng Jiang @Krace from Codesafe Team of Legendsec at Qi'anxin Group on 2020-11-13 1153595 High CVE-2021-21107: Use after free in drag and drop...

9.6CVSS0.6AI score0.03095EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/10/27 12:0 a.m.•43 views

ImageMagick7 -- multiple vulnerabilities

CVE reports: Several vulnerabilities have been discovered in ImageMagick: CVE-2021-20313: A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate signatures in TransformSignature is possible. CVE-2021-20312: A flaw was found in ImageMagick in versions...

7.8CVSS3.7AI score0.07508EPSS
Exploits1
FreeBSD
FreeBSD
•added 2020/03/31 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: This update contains 8 security fixes. 1062247 High CVE-2020-6450: Use after free in WebAudio. Reported by Man Yue Mo of Semmle Security Research Team on 2020-03-17 1061018 High CVE-2020-6451: Use after free in WebAudio. Reported by Man Yue Mo of Semmle Security...

8.8CVSS1.6AI score0.01814EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2020/01/30 12:0 a.m.•43 views

tauthon -- Regular Expression Denial of Service

The :class:urllib.request.AbstractBasicAuthHandler class of the :mod:urllib.request module uses an inefficient regular expression which can be exploited by an attacker to cause a denial of service...

7.1CVSS4.6AI score0.06617EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2020/01/30 12:0 a.m.•43 views

sudo -- Potential bypass of Runas user restrictions

Todd C. Miller reports: Sudo's pwfeedback option can be used to provide visual feedback when the user is inputting their password. For each key press, an asterisk is printed. This option was added in response to user confusion over how the standard Password: prompt disables the echoing of key...

7.8CVSS2.3AI score0.19426EPSS
Exploits13References1
FreeBSD
FreeBSD
•added 2020/01/13 12:0 a.m.•43 views

Payara -- path trasversal flaw via either loc/con parameters in Eclipse Mojarra

Payara Releases reports: The following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases: CVE-2020-6950 Eclipse Mojarra vulnerable to path trasversal flaw via either loc/con parameters...

6.5CVSS4.2AI score0.10124EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/10/24 12:0 a.m.•43 views

Python -- CRLF injection via the host part of the url passed to urlopen()

Python reports: An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the host component...

6.1CVSS3AI score0.03513EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/02/08 12:0 a.m.•43 views

webkit-gtk -- Multiple vulnerabilities

The Webkitgtk project reports: CVE-2019-6212 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-6215 - Processing maliciously crafted web content may lead to arbitrary code...

8.8CVSS2.6AI score0.09755EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2018/07/24 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 42 security fixes in this release, including: 850350 High CVE-2018-6153: Stack buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-06-07 848914 High CVE-2018-6154: Heap buffer overflow in WebGL. Reported by Omair on 2018-06-01 842265 Hig...

9.6CVSS8.6AI score0.03296EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/02/23 12:0 a.m.•43 views

wireshark -- multiple security issues

wireshark developers reports: wnpa-sec-2018-05. IEEE 802.11 dissector crash. CVE-2018-7335 wnpa-sec-2018-06. Large or infinite loops in multiple dissectors. CVE-2018-7321 through CVE-2018-7333 wnpa-sec-2018-07. UMTS MAC dissector crash. CVE-2018-7334 wnpa-sec-2018-08. DOCSIS dissector crash...

7.5CVSS8AI score0.02743EPSS
Exploits2References11
FreeBSD
FreeBSD
•added 2018/02/21 12:0 a.m.•43 views

isc-dhcp -- Multiple vulnerabilities

ISC reports: Failure to properly bounds check a buffer used for processing DHCP options allows a malicious server or an entity masquerading as a server to cause a buffer overflow and resulting crash in dhclient by sending a response containing a specially constructed options section. A malicious...

8.1AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2017/12/08 12:0 a.m.•43 views

OpenJPEG -- multiple vulnerabilities

OpenJPEG reports: Multiple vulnerabilities have been found in OpenJPEG, the opensource JPEG 2000 codec. Please consult the CVE list for further details. CVE-2017-17479 and CVE-2017-17480 were fixed in r477112. CVE-2018-5785 was fixed in r480624. CVE-2018-6616 was fixed in r489415...

9.8CVSS1.4AI score0.05135EPSS
Exploits2References4
FreeBSD
FreeBSD
•added 2017/12/06 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 37 security fixes in this release, including: 778505 Critical CVE-2017-15407: Out of bounds write in QUIC. Reported by Ned Williamson on 2017-10-26 762374 High CVE-2017-15408: Heap buffer overflow in PDFium. Reported by Ke Liu of Tencent's Xuanwu LAB on 2017-09-06...

8.8CVSS8.2AI score0.02963EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2017/10/13 12:0 a.m.•43 views

solr -- Code execution via entity expansion

Solr developers report: Lucene XML parser does not explicitly prohibit doctype declaration and expansion of external entities which leads to arbitrary HTTP requests to the local SOLR instance and to bypass all firewall restrictions. Solr "RunExecutableListener" class can be used to execute...

9.8CVSS9.6AI score0.91896EPSS
Exploits11References2
FreeBSD
FreeBSD
•added 2017/09/19 12:0 a.m.•43 views

perl -- multiple vulnerabilities

Meta CPAN reports: CVE-2017-12814: $ENV$key stack buffer overflow on Windows A possible stack buffer overflow in the %ENV code on Windows has been fixed by removing the buffer completely since it was superfluous anyway. CVE-2017-12837: Heap buffer overflow in regular expression compiler Compiling...

9.8CVSS9AI score0.06981EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2017/07/14 12:0 a.m.•43 views

krb5 -- Multiple vulnerabilities

MIT reports: CVE-2017-11368: In MIT krb5 1.7 and later, an authenticated attacker can cause an assertion failure in krb5kdc by sending an invalid S4U2Self or S4U2Proxy request. CVE-2017-11462: RFC 2744 permits a GSS-API implementation to delete an existing security context on a second or subseque...

9.8CVSS6.8AI score0.05481EPSS
Exploits0References6
FreeBSD
FreeBSD
•added 2017/01/27 12:0 a.m.•43 views

mysql -- denial of service vulnerability

Openwall reports: C client library for MySQL libmysqlclient.so has use-after-free defect which can cause crash of applications using that MySQL client...

7.5CVSS7.8AI score0.04905EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/01/05 12:0 a.m.•43 views

tomcat -- information disclosure vulnerability

The Apache Software Foundation reports: Important: Information Disclosure CVE-2016-8745...

7.5CVSS1.4AI score0.16038EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2016/12/06 12:0 a.m.•43 views

RabbitMQ -- Authentication vulnerability

Pivotal.io reports: MQTT MQ Telemetry Transport connection authentication with a username/password pair succeeds if an existing username is provided but the password is omitted from the connection request. Connections that use TLS with a client-provided certificate are not affected...

9.8CVSS2.5AI score0.01378EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2016/08/19 12:0 a.m.•43 views

mailman -- CSRF protection enhancements

Mark Sapiro reports: CSRF protection has been extended to the user options page. This was actually fixed by Tokio Kikuchi as part of the fix for LP: 775294 and intended for Mailman 2.1.15, but that fix wasn't completely merged at the time. The full fix also addresses the admindb, and edithtml pag...

8.8CVSS1.1AI score0.01613EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2016/02/27 12:0 a.m.•43 views

pcre -- heap overflow vulnerability

Mitre reports: The pcrecompile2 function in pcrecompile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?'R'?'R'?'RR'?'R'\97?J?J?'R'?'R'\99|:?|?'R'\k'R'|?'R'H'R'RH'R/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service heap-based buffer...

9.8CVSS7.3AI score0.07791EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2016/02/17 12:0 a.m.•43 views

xen-kernel -- VMX: guest user mode may crash guest with non-canonical RIP

The Xen Project reports: VMX refuses attempts to enter a guest with an instruction pointer which doesn't satisfy certain requirements. In particular, the instruction pointer needs to be canonical when entering a guest currently in 64-bit mode. This is the case even if the VM entry information...

5.5CVSS0.2AI score0.00391EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/12/03 12:0 a.m.•43 views

openssl -- multiple vulnerabilities

OpenSSL project reports: BNmodexp may produce incorrect results on x8664 CVE-2015-3193 Certificate verify crash with missing PSS parameter CVE-2015-3194 X509ATTRIBUTE memory leak CVE-2015-3195 Race condition handling PSK identify hint CVE-2015-3196 Anon DH ServerKeyExchange with 0 p parameter...

7.5CVSS7.3AI score0.44016EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2015/11/30 12:0 a.m.•43 views

libraw -- memory objects not properly initialized

ChenQin reports: The LibRaw raw image decoder has multiple vulnerabilities that can cause memory errors which may lead to code execution or other problems. In CVE-2015-8367, LibRaw's phaseonecorrect function does not handle memory initialization correctly, which may cause other problems...

9.8CVSS9.7AI score0.05454EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/10/30 12:0 a.m.•43 views

libvirt -- ACL bypass using ../ to access beyond storage pool

Libvit development team reports: Various virStorageVol API operate on user-supplied volume names by concatenating the volume name to the pool location. Note that the virStoragePoolListVolumes API, when used on a storage pool backed by a directory in a file system, will only list volumes immediate...

2.5CVSS5.4AI score0.00451EPSS
Exploits0References1
Total number of security vulnerabilities5000