Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
•added 2022/08/09 12:0 a.m.•41 views

Grafana -- Privilege escalation

Grafana Labs reports: On August 9 an internal security review identified a vulnerability in the Grafana which allows an escalation from Admin privileges to Server Admin when Auth proxy authentication is used. Auth proxy allows to authenticate a user by only providing the username or email in a...

6.6CVSS6.4AI score0.01302EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/07/08 12:0 a.m.•41 views

mat2 -- directory traversal/arbitrary file read during ZIP file processing

mat2 aka metadata anonymisation toolkit before 0.13.0 allows ../ directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, in which clients could obtain sensitive information via a crafted archive...

7.5CVSS4.3AI score0.02103EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2022/04/14 12:0 a.m.•41 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 2 security fixes, including: 1315901 High CVE-2022-1364: Type Confusion in V8. Reported by Clément Lecigne of Google's Threat Analysis Group on 2022-0-13...

8.8CVSS0.9AI score0.1372EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2022/04/06 12:0 a.m.•41 views

FreeBSD -- mpr/mps/mpt driver ioctl heap out-of-bounds write

Problem Description: Handlers for CFGPAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer of a caller-specified size, but copied to it a fixed size header. Other heap content would be overwritten if the specified size was too small. Impact: Users with access to the mpr, mp...

9.8CVSS2.3AI score0.00447EPSS
Exploits0
FreeBSD
FreeBSD
•added 2022/03/31 12:0 a.m.•41 views

dnsmasq -- heap use-after-free in dhcp6_no_relay

Petr Menšík reports: Possible vulnerability ... found in latest dnsmasq. It was found with help of oss-fuzz Google project by me and short after that independently also by Richard Johnson of Trellix Threat Labs. It is affected only by DHCPv6 requests, which could be crafted to modify already free...

7.5CVSS0.9AI score0.01487EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/12/01 12:0 a.m.•41 views

NSS -- Memory corruption

The Mozilla project reports: Memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures Critical NSS Network Security Services versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling...

9.8CVSS1.6AI score0.17563EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/11/04 12:0 a.m.•41 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description Critical SECURITY-2455 / CVE-2021-21685, CVE-2021-21686, CVE-2021-21687, CVE-2021-21688, CVE-2021-21689, CVE-2021-21690, CVE-2021-21691, CVE-2021-21692, CVE-2021-21693, CVE-2021-21694, CVE-2021-21695 Multiple vulnerabilities allow bypassing path filtering of...

9.8CVSS9.1AI score0.02451EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/09/30 12:0 a.m.•41 views

Gitlab -- vulnerabilities

Gitlab reports: Stored XSS in merge request creation page Denial-of-service attack in Markdown parser Stored Cross-Site Scripting vulnerability in the GitLab Flavored Markdown DNS Rebinding vulnerability in Gitea importer Exposure of trigger tokens on project exports Improper access control for...

8.7CVSS1AI score0.01227EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2021/08/30 12:0 a.m.•41 views

Python -- multiple vulnerabilities

Python reports: bpo-42278: Replaced usage of tempfile.mktemp with TemporaryDirectory to avoid a potential race condition. bpo-41180: Add auditing events to the marshal module, and stop raising code.init events for every unmarshalled code object. Directly instantiated code objects will continue to...

6.8CVSS1.4AI score0.19433EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2021/08/30 12:0 a.m.•41 views

Python -- multiple vulnerabilities

Python reports: bpo-42278: Replaced usage of tempfile.mktemp with TemporaryDirectory to avoid a potential race condition. bpo-44394: Update the vendored copy of libexpat to 2.4.1 from 2.2.8 to get the fix for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used on Windows and...

6.8CVSS2AI score0.19433EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2021/08/30 12:0 a.m.•41 views

Python -- multiple vulnerabilities

Python reports: bpo-44394: Update the vendored copy of libexpat to 2.4.1 from 2.2.8 to get the fix for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used on Windows and macOS. bpo-43124: Made the internal putcmd function in smtplib sanitize input for presence of \r and \n...

6.8CVSS3.7AI score0.19433EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2021/05/07 12:0 a.m.•41 views

tomcat -- HTTP request smuggling in multiple versions

Bahruz Jabiyev, Steven Sprecher and Kaan Onarlioglu of NEU seclab reports: Apache Tomcat did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: Tomcat incorrectly ignored...

5.3CVSS6.4AI score0.75353EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2021/04/28 12:0 a.m.•41 views

Gitlab -- Vulnerabilities

Gitlab reports: Read API scoped tokens can execute mutations Pull mirror credentials were exposed Denial of Service when querying repository branches API Non-owners can set systemnotetimestamp when creating / updating issues DeployToken will impersonate a User with the same ID when using Dependen...

7.5CVSS3.3AI score0.0115EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/03/24 12:0 a.m.•41 views

samba -- Multiple Vulnerabilities

The Samba Team reports: CVE-2020-27840: An anonymous attacker can crash the Samba AD DC LDAP server by sending easily crafted DNs as part of a bind request. More serious heap corruption is likely also possible. CVE-2021-20277: User-controlled LDAP filter strings against the AD DC LDAP server may...

7.5CVSS1.2AI score0.04328EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2021/01/13 12:0 a.m.•41 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description Medium SECURITY-1452 / CVE-2021-21602 Arbitrary file read vulnerability in workspace browsers High SECURITY-1889 / CVE-2021-21603 XSS vulnerability in notification bar High SECURITY-1923 / CVE-2021-21604 Improper handling of REST API XML deserialization erro...

8CVSS2AI score0.02226EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/07/14 12:0 a.m.•41 views

VirtualBox -- Multiple vulnerabilities

Oracle reports: Vulnerabilities in VirtualBox core can allow users with logon access to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of these vulnerabilities can result in unauthorized access to critical data, access to all Oracle V...

8.2CVSS2.1AI score0.00565EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/07/06 12:0 a.m.•41 views

php72 -- use of freed hash key

grigoritchy at gmail dot com reports: The pharparsezipfile function had use-after-free vulnerability because of mishandling of the actualalias variable...

4.8CVSS1.7AI score0.01661EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2020/07/04 12:0 a.m.•41 views

The Bouncy Castle Crypto APIs -- EC math vulnerability

The Bouncy Castle team reports:: Bouncy Castle BC Java before 1.66 has a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multiple deterministic ECDSA signatures...

5.9CVSS1.6AI score0.01522EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/05/18 12:0 a.m.•41 views

libexif -- multiple vulnerabilities

Release notes: Lots of fixes exposed by fuzzers like AFL, ClusterFuzz, OSSFuzz and others: CVE-2016-6328: fixed integer overflow when parsing maker notes CVE-2017-7544: fixed buffer overread CVE-2018-20030: Fix for recursion DoS CVE-2019-9278: replaced integer overflow checks the compiler could...

9.1CVSS5AI score0.04059EPSS
Exploits1References10
FreeBSD
FreeBSD
•added 2020/02/10 12:0 a.m.•41 views

Squid -- multiple vulnerabilities

The Squid developers reports: Improper Input Validation issues in HTTP Request processing CVE-2020-8449, CVE-2020-8450. Information Disclosure issue in FTP Gateway CVE-2019-12528. Buffer Overflow issue in extlmgroupacl helper CVE-2020-8517...

7.5CVSS1.4AI score0.7179EPSS
Exploits0References5
FreeBSD
FreeBSD
•added 2019/11/19 12:0 a.m.•41 views

unbound -- parsing vulnerability

Unbound Security Advisories: Recent versions of Unbound contain a vulnerability that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with --enable-ipsecmod support, and ipsecmod is enabled and used in the...

7.3CVSS4.8AI score0.03212EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/09/25 12:0 a.m.•41 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description Medium SECURITY-1498 / CVE-2019-10401 Stored XSS vulnerability in expandable textbox form control Medium SECURITY-1525 / CVE-2019-10402 XSS vulnerability in combobox form control Medium SECURITY-1537 1 / CVE-2019-10403 Stored XSS vulnerability in SCM tag...

5.4CVSS5.2AI score0.65753EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/09/11 12:0 a.m.•41 views

curl -- multiple vulnerabilities

curl security problems: CVE-2019-5481: FTP-KRB double-free libcurl can be told to use kerberos over FTP to a server, as set with the CURLOPTKRBLEVEL option. During such kerberos FTP data transfer, the server sends data to curl in blocks with the 32 bit size of each block first and then that amoun...

9.8CVSS1.4AI score0.17939EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2019/07/24 12:0 a.m.•41 views

FreeBSD -- telnet(1) client multiple vulnerabilities

Problem Description: Insufficient validation of environment variables in the telnet client supplied in FreeBSD can lead to stack-based buffer overflows. A stack- based overflow is present in the handling of environment variables when connecting via the telnet client to remote telnet servers. This...

7.8CVSS2.8AI score0.00587EPSS
Exploits2
FreeBSD
FreeBSD
•added 2019/06/20 12:0 a.m.•41 views

PostgreSQL -- Stack-based buffer overflow via setting a password

The PostgreSQL project reports: An authenticated user could create a stack-based buffer overflow by changing their own password to a purpose-crafted value. In addition to the ability to crash the PostgreSQL server, this could be further exploited to execute arbitrary code as the PostgreSQL...

9CVSS2.4AI score0.03711EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/03/18 12:0 a.m.•41 views

PowerDNS -- Insufficient validation in the HTTP remote backend

PowerDNS developers report: An issue has been found in PowerDNS Authoritative Server when the HTTP remote backend is used in RESTful mode without post=1 set, allowing a remote user to cause the HTTP backend to connect to an attacker-specified host instead of the configured one, via a crafted DNS...

8.8CVSS3.4AI score0.1286EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/03/13 12:0 a.m.•41 views

Rails -- Action View vulnerabilities

Ruby on Rails blog: Rails 4.2.11.1, 5.0.7.2, 5.1.6.2, 5.2.2.1, and 6.0.0.beta3 have been released! These contain the following important security fixes. It is recommended that users upgrade as soon as possible: CVE-2019-5418 File Content Disclosure in Action View CVE-2019-5419 Denial of Service...

7.8CVSS4.6AI score0.98507EPSS
Exploits19References1
FreeBSD
FreeBSD
•added 2018/06/27 12:0 a.m.•41 views

py-yaml -- arbitrary code execution

pyyaml reports: the PyYAML.load function could be easily exploited to call any Python function. That means it could call any system command using os.system...

9.8CVSS3.1AI score0.06031EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2018/06/13 12:0 a.m.•41 views

botan2 -- ECDSA side channel

botan2 developers report: A side channel in the ECDSA signature operation could allow a local attacker to recover the secret key. Found by Keegan Ryan of NCC Group. Bug introduced in 2.5.0, fixed in 2.7.0. The 1.10 branch is not affected...

5.9CVSS4.1AI score0.00499EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2018/06/07 12:0 a.m.•41 views

gnupg -- unsanitized output (CVE-2018-12020)

GnuPG reports: GnuPG did not sanitize input file names, which may then be output to the terminal. This could allow terminal control sequences or fake status messages to be injected into the output...

7.5CVSS1.6AI score0.08654EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2018/02/21 12:0 a.m.•41 views

drupal -- Drupal Core - Multiple Vulnerabilities

Drupal Security Team reports: CVE-2017-6926: Comment reply form allows access to restricted content CVE-2017-6927: JavaScript cross-site scripting prevention is incomplete CVE-2017-6928: Private file access bypass - Moderately Critical CVE-2017-6929: jQuery vulnerability with untrusted domains -...

8.1CVSS6.7AI score0.01644EPSS
Exploits1
FreeBSD
FreeBSD
•added 2018/01/31 12:0 a.m.•41 views

quagga -- several security issues

Quagga reports: The Quagga BGP daemon, bgpd, does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or it may crash. The Quagga BGP daemon, bgpd, can double-free memor...

9.8CVSS7.3AI score0.74599EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2016/12/19 12:0 a.m.•41 views

ikiwiki -- multiple vulnerabilities

Mitre reports: ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI interface enabled, which allows remote attackers to revert certain changes by leveraging permissions to change the page...

7.5CVSS7.1AI score0.02129EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2016/11/19 12:0 a.m.•41 views

tiff -- multiple vulnerabilities

libtiff project reports: Multiple flaws have been discovered in libtiff library and utilities...

9.8CVSS8.7AI score0.04767EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2016/09/29 12:0 a.m.•41 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 3 security fixes in this release, including: 642496 High CVE-2016-5177: Use after free in V8. Credit to Anonymous 651092 CVE-2016-5178: Various fixes from internal audits, fuzzing and other initiatives...

9.8CVSS2AI score0.01836EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/07/21 12:0 a.m.•41 views

gd -- multiple vulnerabilities

Pierre Joye reports: fix php bug 72339, Integer Overflow in gd2GetHeader CVE-2016-5766 gd: Buffer over-read issue when parsing crafted TGA file CVE-2016-6132 Integer overflow error within gdContributionsAlloc CVE-2016-6207 fix php bug 72494, invalid color index not handled, can lead to crash...

8.8CVSS2.4AI score0.07495EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2016/07/21 12:0 a.m.•41 views

perl -- local arbitrary code execution

Sawyer X reports: Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . period characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory...

7.8CVSS7.8AI score0.00779EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/07/07 12:0 a.m.•41 views

samba -- client side SMB2/3 required signing can be downgraded

Samba team reports: A man in the middle attack can disable client signing over SMB2/3, even if enforced by configuration parameters...

7.5CVSS3.8AI score0.03097EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/06/21 12:0 a.m.•41 views

Apache Commons FileUpload -- denial of service

Jochen Wiedmann reports: A malicious client can send file upload requests that cause the HTTP server using the Apache Commons Fileupload library to become unresponsive, preventing the server from servicing other requests...

7.8CVSS1.5AI score0.35927EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2016/06/01 12:0 a.m.•41 views

openssl -- denial of service

Mitre reports: OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service integer overflow and application crash or possibly have unspecified other impact by leveraging unexpected malloc behavior,...

9.8CVSS5.6AI score0.44505EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2016/02/08 12:0 a.m.•41 views

brotli -- buffer overflow

Google Chrome Releases reports: 583607 High CVE-2016-1624: Buffer overflow in Brotli. Credit to lukezli. Mozilla Foundation reports: Security researcher Luke Li reported a pointer underflow bug in the Brotli library's decompression that leads to a buffer overflow. This results in a potentially...

8.8CVSS2.5AI score0.01352EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2015/12/24 12:0 a.m.•41 views

tiff -- out-of-bounds read in tif_getimage.c

LMX of Qihoo 360 Codesafe Team discovered an out-of-bounds read in tifgetimage.c. An attacker could create a specially-crafted TIFF file that could cause libtiff to crash...

5.5CVSS7.3AI score0.02857EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/12/15 12:0 a.m.•41 views

qemu -- denial of service vulnerability in VMWARE VMXNET3 NIC support

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to a memory leakage flaw. It occurs when a guest repeatedly tries to activate the vmxnet3 device. A privileged guest user could use this flaw to leak...

7.4AI score
Exploits0References4
FreeBSD
FreeBSD
•added 2015/12/08 12:0 a.m.•41 views

xen-kernel -- XENMEM_exchange error handling issues

The Xen Project reports: Error handling in the operation may involve handing back pages to the domain. This operation may fail when in parallel the domain gets torn down. So far this failure unconditionally resulted in the host being brought down due to an internal error being assumed. This is...

4.7CVSS8.4AI score0.00383EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/12/08 12:0 a.m.•41 views

qemu -- denial of service vulnerability in VNC

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the VNC display driver support is vulnerable to an arithmetic exception flaw. It occurs on the VNC server side while processing the 'SetPixelFormat' messages from a client. A privileged remote client could use this...

6.5CVSS7.7AI score0.03115EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/11/30 12:0 a.m.•41 views

libraw -- index overflow in smal_decode_segment

ChenQin reports: The LibRaw raw image decoder has multiple vulnerabilities that can cause memory errors which may lead to code execution or other problems. In CVE-2015-8366, LibRaw's smaldecodesegment function does not handle indexes carefully, which can cause an index overflow...

9.8CVSS9.7AI score0.04939EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/10/29 12:0 a.m.•41 views

libxslt -- DoS vulnerability due to type confusing error

libxslt maintainer reports: CVE-2015-7995: http://www.openwall.com/lists/oss-security/2015/10/27/10 We need to check that the parent node is an element before dereferencing its namespace...

5CVSS8AI score0.04156EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2015/08/27 12:0 a.m.•41 views

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2015-95 Add-on notification bypass through data URLs MFSA 2015-94 Use-after-free when resizing canvas element during restyling...

9.4AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2015/07/23 12:0 a.m.•41 views

qemu -- stack buffer overflow while parsing SCSI commands

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the SCSI device emulation support is vulnerable to a stack buffer overflow issue. It could occur while parsing SCSI command descriptor block with an invalid operation code. A privilegedCAPSYSRAWIO user inside guest...

5.5CVSS6.5AI score0.00434EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/06/21 12:0 a.m.•41 views

libav -- divide by zero

Agostino Sarubbo reports: libav: divide-by-zero in ffh263decodemba...

6.5CVSS6.9AI score0.01978EPSS
Exploits0References2
Total number of security vulnerabilities5000