Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
•added 2017/01/05 12:0 a.m.•43 views

tomcat -- information disclosure vulnerability

The Apache Software Foundation reports: Important: Information Disclosure CVE-2016-8745...

7.5CVSS1.4AI score0.16038EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2016/12/06 12:0 a.m.•43 views

RabbitMQ -- Authentication vulnerability

Pivotal.io reports: MQTT MQ Telemetry Transport connection authentication with a username/password pair succeeds if an existing username is provided but the password is omitted from the connection request. Connections that use TLS with a client-provided certificate are not affected...

9.8CVSS2.5AI score0.01378EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2016/08/19 12:0 a.m.•43 views

mailman -- CSRF protection enhancements

Mark Sapiro reports: CSRF protection has been extended to the user options page. This was actually fixed by Tokio Kikuchi as part of the fix for LP: 775294 and intended for Mailman 2.1.15, but that fix wasn't completely merged at the time. The full fix also addresses the admindb, and edithtml pag...

8.8CVSS1.1AI score0.01613EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2016/02/27 12:0 a.m.•43 views

pcre -- heap overflow vulnerability

Mitre reports: The pcrecompile2 function in pcrecompile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?'R'?'R'?'RR'?'R'\97?J?J?'R'?'R'\99|:?|?'R'\k'R'|?'R'H'R'RH'R/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service heap-based buffer...

9.8CVSS7.3AI score0.07791EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2016/02/17 12:0 a.m.•43 views

xen-kernel -- VMX: guest user mode may crash guest with non-canonical RIP

The Xen Project reports: VMX refuses attempts to enter a guest with an instruction pointer which doesn't satisfy certain requirements. In particular, the instruction pointer needs to be canonical when entering a guest currently in 64-bit mode. This is the case even if the VM entry information...

5.5CVSS0.2AI score0.00391EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/12/03 12:0 a.m.•43 views

openssl -- multiple vulnerabilities

OpenSSL project reports: BNmodexp may produce incorrect results on x8664 CVE-2015-3193 Certificate verify crash with missing PSS parameter CVE-2015-3194 X509ATTRIBUTE memory leak CVE-2015-3195 Race condition handling PSK identify hint CVE-2015-3196 Anon DH ServerKeyExchange with 0 p parameter...

7.5CVSS7.3AI score0.44016EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2015/11/30 12:0 a.m.•43 views

libraw -- memory objects not properly initialized

ChenQin reports: The LibRaw raw image decoder has multiple vulnerabilities that can cause memory errors which may lead to code execution or other problems. In CVE-2015-8367, LibRaw's phaseonecorrect function does not handle memory initialization correctly, which may cause other problems...

9.8CVSS9.7AI score0.05454EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/10/30 12:0 a.m.•43 views

libvirt -- ACL bypass using ../ to access beyond storage pool

Libvit development team reports: Various virStorageVol API operate on user-supplied volume names by concatenating the volume name to the pool location. Note that the virStoragePoolListVolumes API, when used on a storage pool backed by a directory in a file system, will only list volumes immediate...

2.5CVSS5.4AI score0.00451EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/16 12:0 a.m.•43 views

mediawiki -- multiple vulnerabilities

MediaWiki reports: Wikipedia user RobinHood70 reported two issues in the chunked upload API. The API failed to correctly stop adding new chunks to the upload when the reported size was exceeded T91203, allowing a malicious users to upload add an infinite number of chunks for a single file upload...

9.8CVSS8.4AI score0.02871EPSS
Exploits1References7
FreeBSD
FreeBSD
•added 2015/10/16 12:0 a.m.•43 views

qemu -- denial of service vulnerabilities in eepro100 NIC support

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the i8255x PRO100 emulation support is vulnerable to an infinite loop issue. It could occur while processing a chain of commands located in the Command Block List CBL. Each Command BlockCB points to the next command...

6.5CVSS8AI score0.00393EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2015/09/23 12:0 a.m.•43 views

Git -- Execute arbitrary code

Git release notes: Some protocols like git-remote-ext can execute arbitrary code found in the URL. The URLs that submodules use may come from arbitrary sources e.g., .gitmodules files in a remote repository, and can hurt those who blindly enable recursive fetch. Restrict the allowed protocols to...

9.8CVSS9.3AI score0.20144EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/09/08 12:0 a.m.•43 views

Joomla! -- Core - XSS Vulnerability

The JSST and the Joomla! Security Center report: 20150908 - Core - XSS Vulnerability Inadequate escaping leads to XSS vulnerability in login module...

4.3CVSS5.9AI score0.02948EPSS
Exploits3References2
FreeBSD
FreeBSD
•added 2015/09/05 12:0 a.m.•43 views

ffmpeg -- multiple vulnerabilities

NVD reports: The decodeihdrchunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR aka image header chunk in a PNG image, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact vi...

7.5CVSS9.3AI score0.02412EPSS
Exploits0References10
FreeBSD
FreeBSD
•added 2015/08/05 12:0 a.m.•43 views

adminer -- XSS vulnerability

Jakub Vrana reports: Fix XSS in alter table...

1.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/04/29 12:0 a.m.•43 views

clamav -- multiple vulnerabilities

ClamAV project reports: ClamAV 0.98.7 is here! This release contains new scanning features and bug fixes. Fix infinite loop condition on crafted y0da cryptor file. Identified and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221. Fix crash on crafted petite packed file. Reported and pat...

6.8CVSS8AI score0.0837EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2015/02/05 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Chrome Releases reports: 11 security fixes in this release, including: 447906 High CVE-2015-1209: Use-after-free in DOM. Credit to Maksymillian. 453979 High CVE-2015-1210: Cross-origin-bypass in V8 bindings. Credit to anonymous. 453982 High CVE-2015-1211: Privilege escalation using service worker...

7.5CVSS6.8AI score0.02854EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/01/08 12:0 a.m.•43 views

rabbitmq -- Security issues in management plugin

The RabbitMQ project reports: Some user-controllable content was not properly HTML-escaped before being presented to a user in the management web UI: When a user unqueued a message from the management UI, message details header names, arguments, etc. were displayed unescaped. An attacker could...

3.5CVSS7AI score0.01152EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2014/12/16 12:0 a.m.•43 views

file -- multiple vulnerabilities

RedHat reports: Thomas Jarosch of Intra2net AG reported a number of denial of service issues resource consumption in the ELF parser used by file1. These issues were fixed in the 5.21 release of file1, but by mistake are missing from the changelog...

5CVSS7.5AI score0.14013EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2014/11/10 12:0 a.m.•43 views

dbus -- incomplete fix for CVE-2014-3636 part A

Simon McVittie reports: The patch issued by the D-Bus maintainers for CVE-2014-3636 was based on incorrect reasoning, and does not fully prevent the attack described as "CVE-2014-3636 part A", which is repeated below. Preventing that attack requires raising the system dbus-daemon's RLIMITNOFILE...

1.9CVSS6.5AI score0.00528EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2014/06/23 12:0 a.m.•43 views

samba -- multiple vulnerabilities

The samba project reports: A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS name service. Valid unicode path names stored on disk can cause smbd to crash if an authenticated client attempts to read them using a non-unicode request...

3.3CVSS8.9AI score0.20481EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2014/05/14 12:0 a.m.•43 views

gnutls -- client-side memory corruption

GnuTLS project reports: This vulnerability affects the client side of the gnutls library. A server that sends a specially crafted ServerHello could corrupt the memory of a requesting client...

6.8CVSS7.7AI score0.11221EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2014/04/24 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports belatedly: 9 security fixes in this release, including: 354967 High CVE-2014-1730: Type confusion in V8. Credit to Anonymous. 349903 High CVE-2014-1731: Type confusion in DOM. Credit to John Butler. 359802 High CVE-2014-1736: Integer overflow in V8. Credit to SkyLin...

7.8CVSS1.3AI score0.03252EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/11/22 12:0 a.m.•43 views

ruby -- Heap Overflow in Floating Point Parsing

Ruby developers report: Any time a string is converted to a floating point value, a specially crafted string can cause a heap overflow. This can lead to a denial of service attack via segmentation faults and possibly arbitrary code execution. Any program that converts input of unknown origin to...

6.8CVSS7.4AI score0.34968EPSS
Exploits3References2
FreeBSD
FreeBSD
•added 2013/07/10 12:0 a.m.•43 views

PHP5 -- Heap corruption in XML parser

The PHP development team reports: ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the...

6.8CVSS7AI score0.05186EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/06/04 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 242322 Medium CVE-2013-2855: Memory corruption in dev tools API. Credit to "daniel.zulla". 242224 High CVE-2013-2856: Use-after-free in input handling. Credit to miaubiz. 240124 High CVE-2013-2857: Use-after-free in image handling. Credit to miaubiz. 239897 High...

10CVSS2.4AI score0.03585EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2013/04/24 12:0 a.m.•43 views

phpMyAdmin -- Multiple security vulnerabilities

The phpMyAdmin development team reports: In some PHP versions, the pregreplace function can be tricked into executing arbitrary PHP code on the server. This is done by passing a crafted argument as the regular expression, containing a null byte. phpMyAdmin does not correctly sanitize an argument...

6.7AI score
Exploits0
FreeBSD
FreeBSD
•added 2012/12/06 12:0 a.m.•43 views

libarchive -- multiple vulnerabilities

MITRE reports: Integer signedness error in the archivewritezipdata function in archivewritesetformatzip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service crash via unspecified vectors, which triggers an improper...

6.4CVSS7.5AI score0.0489EPSS
Exploits1References7
FreeBSD
FreeBSD
•added 2012/10/07 12:0 a.m.•43 views

apache22 -- several vulnerabilities

Apache HTTP SERVER PROJECT reports: low: XSS due to unescaped hostnames CVE-2012-3499 Various XSS flaws due to unescaped hostnames and URIs HTML output in modinfo, modstatus, modimagemap, modldap, and modproxyftp. moderate: XSS in modproxybalancer CVE-2012-4558 A XSS flaw affected the...

4.3CVSS6.1AI score0.22913EPSS
Exploits3
FreeBSD
FreeBSD
•added 2012/07/31 12:0 a.m.•43 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: Linux only 125225 Medium CVE-2012-2846: Cross-process interference in renderers. Credit to Google Chrome Security Team Julien Tinnes. 127522 Low CVE-2012-2847: Missing re-prompt to user upon excessive downloads. Credit to Matt Austin of Aspect Security. 127525 Medi...

7.5CVSS0.7AI score0.01444EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2012/02/15 12:0 a.m.•43 views

linux-flashplugin -- multiple vulnerabilities

These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system...

10CVSS6.5AI score0.9203EPSS
Exploits13References1
FreeBSD
FreeBSD
•added 2011/05/26 12:0 a.m.•43 views

BIND -- Large RRSIG RRsets and Negative Caching DoS

ISC reports: A BIND 9 DNS server set up to be a caching resolver is vulnerable to a user querying a domain with very large resource record sets RRSets when trying to negatively cache a response. This can cause the BIND 9 DNS server named process to crash...

5CVSS8.6AI score0.24638EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2010/07/20 12:0 a.m.•43 views

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2010-34 Miscellaneous memory safety hazards rv:1.9.2.7/ 1.9.1.11 MFSA 2010-35 DOM attribute cloning remote code execution vulnerability MFSA 2010-36 Use-after-free error in NodeIterator MFSA 2010-37 Plugin parameter EnsureCachedAttrParamArrays remote code executi...

9.8CVSS10.4AI score0.43382EPSS
Exploits27References14
FreeBSD
FreeBSD
•added 2010/04/13 12:0 a.m.•43 views

KDM -- local privilege escalation vulnerability

KDE Security Advisory reports: KDM contains a race condition that allows local attackers to make arbitrary files on the system world-writeable. This can happen while KDM tries to create its control socket during user login. A local attacker with a valid local account can under certain circumstanc...

6.9CVSS9.6AI score0.00279EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2010/03/11 12:0 a.m.•43 views

dojo -- cross-site scripting and other vulnerabilities

The Dojo Toolkit team reports: Some PHP files did not properly escape input. Some files could operate like "open redirects". A bad actor could form an URL that looks like it came from a trusted site, but the user would be redirected or load content from the bad actor's site. A file exposed a more...

7.3AI score
Exploits0References5
FreeBSD
FreeBSD
•added 2009/08/11 12:0 a.m.•43 views

GnuTLS -- improper SSL certificate verification

GnuTLS reports: By using a NUL byte in CN/SAN fields, it was possible to fool GnuTLS into 1 not printing the entire CN/SAN field value when printing a certificate and 2 cause incorrect positive matches when matching a hostname against a certificate...

7.5CVSS5AI score0.02151EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2009/08/03 12:0 a.m.•43 views

libxml -- Multiple use-after-free vulnerabilities

Multiple use-after-free vulnerabilities in libxml 1.8.17 that allow context-dependent attackers to cause a denial of service application crash via crafted 1 Notation or 2 Enumeration attribute types in an XML file...

6.5CVSS5.4AI score0.01793EPSS
Exploits2
FreeBSD
FreeBSD
•added 2008/08/14 12:0 a.m.•43 views

joomla -- flaw in the reset token validation

Joomla project reports: A flaw in the reset token validation mechanism allows for non-validating tokens to be forged. This will allow an unauthenticated, unauthorized user to reset the password of the first enabled user lowest id. Typically, this is an administrator user. Note, that changing the...

7.5CVSS6.4AI score0.09399EPSS
Exploits0
FreeBSD
FreeBSD
•added 2008/02/20 12:0 a.m.•43 views

opera -- multiple vulnerabilities

Opera Software ASA reports about multiple security fixes: Fixed an issue where simulated text inputs could trick users into uploading arbitrary files, as reported by Mozilla. Image properties can no longer be used to execute scripts, as reported by Max Leonov. Fixed an issue where the...

6.5AI score
Exploits0References4
FreeBSD
FreeBSD
•added 2007/11/14 12:0 a.m.•43 views

mysql -- privilege escalation and overwrite of the system table information

MySQL reports: Using RENAME TABLE against a table with explicit DATA DIRECTORY and INDEX DIRECTORY options can be used to overwrite system table information by replacing the symbolic link points. the file to which the symlink points...

7.1CVSS6.3AI score0.1426EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2007/11/11 12:0 a.m.•43 views

phpmyadmin -- cross-site scripting vulnerability

The DigiTrust Group reports: When creating a new database, a malicious user can use a client-side Web proxy to place malicious code in the db parameter of the POST request. Since dbcreate.php does not properly sanitize user-supplied input, an administrator could face a persistent XSS attack when...

6.4AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2007/10/17 12:0 a.m.•43 views

phpmyadmin -- cross-site scripting vulnerability

The DigiTrust Group discovered serious XSS vulnerability in the phpMyAdmin serverstatus.php script. According to their report vulnerability can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site...

4.3CVSS6.4AI score0.03326EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2007/09/27 12:0 a.m.•43 views

tcl/tk -- buffer overflow in ReadImage function

A Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl/Tk, allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first...

6.8CVSS7.7AI score0.04855EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2007/07/30 12:0 a.m.•43 views

xpdf -- stack based buffer overflow

The KDE Team reports: kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains a vulnerability that can cause a stack based buffer overflow via a PDF file that exploits an integer overflow in StreamPredictor::StreamPredictor. Remotely supplied pdf files can be used to disrupt the kpdf viewe...

6.8CVSS7.6AI score0.08565EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2007/05/15 12:0 a.m.•43 views

png -- DoS crash vulnerability

A Libpng Security Advisory reports: A grayscale PNG image with a malformed bad CRC tRNS chunk will crash some libpng applications. This vulnerability could be used to crash a browser when a user tries to view such a malformed PNG file. It is not known whether the vulnerability could be exploited...

5CVSS9AI score0.05115EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2006/12/06 12:0 a.m.•43 views

FreeBSD -- Kernel memory disclosure in firewire(4)

Problem Description: In the FWGCROM ioctl, a signed integer comparison is used instead of an unsigned integer comparison when computing the length of a buffer to be copied from the kernel into the calling application. Impact: A user in the "operator" group can read the contents of kernel memory...

2.1CVSS6.3AI score0.00398EPSS
Exploits0
FreeBSD
FreeBSD
•added 2006/09/19 12:0 a.m.•43 views

gzip -- multiple vulnerabilities

Problem Description Multiple programming errors have been found in gzip which can be triggered when gzip is decompressing files. These errors include insufficient bounds checks in buffer use, a NULL pointer dereference, and a potential infinite loop. Impact The insufficient bounds checks in buffe...

7.5CVSS6.9AI score0.05641EPSS
Exploits1
FreeBSD
FreeBSD
•added 2005/07/20 12:0 a.m.•43 views

fetchmail -- remote root/code injection from malicious POP3 server

fetchmail's POP3/UIDL code does not truncate received UIDs properly. A malicious or compromised POP3 server can thus corrupt fetchmail's stack and inject code when fetchmail is using UIDL, either through configuration, or as a result of certain server capabilities. Note that fetchmail is run as...

5CVSS6.6AI score0.05882EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2004/10/13 12:0 a.m.•43 views

tiff -- RLE decoder heap overflows

Chris Evans discovered several heap buffer overflows in libtiff's RLE decoder. These overflows could be triggered by a specially-crafted TIFF image file, resulting in an application crash and possibly arbitrary code execution...

7.5CVSS7.1AI score0.08268EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/07/22 12:0 a.m.•43 views

mozilla -- POP client heap overflow

zen-parse discovered a heap buffer overflow in Mozilla's POP client implementation. A malicious POP server could exploit this vulnerability to cause Mozilla to execute arbitrary code...

10CVSS7AI score0.05346EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2003/12/31 12:0 a.m.•43 views

mailman XSS in admin script

Dirk Mueller reports: I've found a cross-site scripting vulnerability in the admin interface of mailman 2.1.3 that allows, under certain circumstances, for anyone to retrieve the valid session cookie...

6.8CVSS6.2AI score0.01997EPSS
Exploits0References2
Total number of security vulnerabilities5000