Lucene search
K
FreebsdMost viewed

6583 matches found

FreeBSD
FreeBSD
•added 2021/03/31 12:0 a.m.•40 views

curl -- Automatic referer leaks credentials

Daniel Stenberg reports: libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request. libcurl...

5.3CVSS6.3AI score0.05301EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2021/03/24 12:0 a.m.•40 views

spamassassin -- Malicious rule configuration (.cf) files can be configured to run system commands

The Apache SpamAssassin project reports: Apache SpamAssassin 3.4.5 was recently released 1, and fixes an issue of security note where malicious rule configuration .cf files can be configured to run system commands. In Apache SpamAssassin before 3.4.5, exploits can be injected in a number of...

10CVSS1.2AI score0.06132EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2021/03/12 12:0 a.m.•40 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release includes 5 security fixes, including: 1167357 High CVE-2021-21191: Use after free in WebRTC. Reported by raven @raidakame on 2021-01-15 1181387 High CVE-2021-21192: Heap buffer overflow in tab groups. Reported by Abdulrahman Alqabandi, Microsoft Browser...

8.8CVSS1.3AI score0.0987EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2020/08/25 12:0 a.m.•40 views

libX11 -- Doublefree in locale handlng code

The X.org project reports: There is an integer overflow and a double free vulnerability in the way LibX11 handles locales. The integer overflow is a necessary precursor to the double free...

7.8CVSS2.9AI score0.00575EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2020/07/14 12:0 a.m.•40 views

VirtualBox -- Multiple vulnerabilities

Oracle reports: Vulnerabilities in VirtualBox core can allow users with logon access to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of these vulnerabilities can result in unauthorized access to critical data, access to all Oracle V...

8.2CVSS2.1AI score0.00565EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/05/27 12:0 a.m.•40 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: User Email Verification Bypass OAuth Flow Missing Email Verification Checks Notification Email Verification Bypass Undisclosed Vulnerability on a Third-Party Rendering Engine Group Sign-Up Restriction Bypass Mirror Project Owner Impersonation Missing Permission Check on Fork...

2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2020/04/30 12:0 a.m.•40 views

salt -- multiple vulnerabilities in salt-master process

F-Secure reports: CVE-2020-11651 - Authentication bypass vulnerabilities The ClearFuncs class processes unauthenticated requests and unintentionally exposes the sendpub method, which can be used to queue messages directly on the master publish server. Such messages can be used to trigger minions ...

9.8CVSS2.2AI score0.96405EPSS
Exploits25References6
FreeBSD
FreeBSD
•added 2020/04/28 12:0 a.m.•40 views

nested filters leads to stack overflow

Howard Chu reports: nested filters leads to stack overflow...

7.5CVSS3.4AI score0.04423EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2020/04/20 12:0 a.m.•40 views

mailman -- arbitrary content injection vulnerability via options or private archive login pages

Mark Sapiro reports: A content injection vulnerability via the options login page has been discovered and reported by Vishal Singh. An issue similar to CVE-2018-13796 exists at different endpoint & param. It can lead to a phishing attack. added 2020-05-07 This is essentially the same as...

6.5CVSS6.6AI score0.02541EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2020/02/12 12:0 a.m.•40 views

ansible - win_unzip path normalization

Borja Tarraso reports: A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by...

7.8CVSS4.1AI score0.00362EPSS
Exploits0References5
FreeBSD
FreeBSD
•added 2020/01/28 12:0 a.m.•40 views

OpenSMTPd -- critical LPE / RCE vulnerability

OpenSMTPD developers report: An incorrect check allows an attacker to trick mbox delivery into executing arbitrary commands as root and lmtp delivery into executing arbitrary commands as an unprivileged user...

10CVSS7AI score0.98946EPSS
Exploits27References1
FreeBSD
FreeBSD
•added 2020/01/21 12:0 a.m.•40 views

libxml -- multiple vulnerabilities

CVE mitre reports: CVE-2019-20388 xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. CVE-2020-7595 xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. CVE-2020-24977 GNOME project libxml2...

7.5CVSS2.7AI score0.07836EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2019/11/19 12:0 a.m.•40 views

unbound -- parsing vulnerability

Unbound Security Advisories: Recent versions of Unbound contain a vulnerability that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with --enable-ipsecmod support, and ipsecmod is enabled and used in the...

7.3CVSS4.8AI score0.03212EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/09/01 12:0 a.m.•40 views

samba -- combination of parameters and permissions can allow user to escape from the share path definition

The samba project reports: On a Samba SMB server for all versions of Samba from 4.9.0 clients are able to escape outside the share root directory if certain configuration parameters set in the smb.conf file...

9.1CVSS3.4AI score0.03182EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/04/17 12:0 a.m.•40 views

drupal -- Drupal core - Moderately critical

Drupal Security Team reports: CVE-2019-10909: Escape validation messages in the PHP templating engine. CVE-2019-10910: Check service IDs are valid. CVE-2019-10911: Add a separator in the remember me cookie hash. jQuery 3.4.0 includes a fix for some unintended behavior when using jQuery.extendtrue...

9.8CVSS1.2AI score0.0595EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2019/01/28 12:0 a.m.•40 views

turnserver -- multiple vulnerabilities

Mihály Mészáros reports: We made 4.5.1.0 release public today that fixes many vulnerabilities. It fix the following vulnerabilities: CVE-2018-4056 CVE-2018-4058 CVE-2018-4059 They will be exposed very soon...

10CVSS1.5AI score0.02955EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2019/01/24 12:0 a.m.•40 views

asterisk -- Remote crash vulnerability with SDP protocol violation

The Asterisk project reports: When Asterisk makes an outgoing call, a very specific SDP protocol violation by the remote party can cause Asterisk to crash...

6.5CVSS2.8AI score0.03811EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/05/29 12:0 a.m.•40 views

Libgit2 -- Fixing insufficient validation of submodule names

The Git community reports: Insufficient validation of submodule names...

7.8CVSS2.3AI score0.49188EPSS
Exploits10References1
FreeBSD
FreeBSD
•added 2018/02/21 12:0 a.m.•40 views

phpMyAdmin -- self XSS in central columns feature

The phpMyAdmin team reports: Summary Self XSS in central columns feature Description A self-cross site scripting XSS vulnerability has been reported relating to the central columns feature. Severity We consider this vulnerability to be of moderate severity. Mitigation factor A valid token must be...

5.4CVSS5.5AI score0.01618EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2017/10/04 12:0 a.m.•40 views

xorg-server -- multiple vulnerabilities

Alan Coopersmith reports: X.Org thanks Michal Srb of SuSE for finding these issues and bringing them to our attention, Julien Cristau of Debian for getting the fixes integrated, and Adam Jackson of Red Hat for publishing the release...

6.6AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/08/10 12:0 a.m.•40 views

Mercurial -- multiple vulnerabilities

Mercurial Release Notes: CVE-2017-1000115 Mercurial's symlink auditing was incomplete prior to 4.3, and could be abused to write to files outside the repository. CVE-2017-1000116 Mercurial was not sanitizing hostnames passed to ssh, allowing shell injection attacks on clients by specifying a...

10CVSS9.2AI score0.05734EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2017/05/10 12:0 a.m.•40 views

kauth: Local privilege escalation

Albert Astals Cid reports: KAuth contains a logic flaw in which the service invoking dbus is not properly checked. This allows spoofing the identity of the caller and with some carefully crafted calls can lead to gaining root from an unprivileged account...

7.8CVSS4.4AI score0.01805EPSS
Exploits3References2
FreeBSD
FreeBSD
•added 2017/05/09 12:0 a.m.•40 views

ansible -- Input validation flaw in jinja2 templating system

RedHat security team reports: An input validation flaw was found in Ansible, where it fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup calls, they could inject Unicode strings to be parsed by the jinja2 templating system, result in code...

9.8CVSS3.3AI score0.04804EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2017/04/03 12:0 a.m.•40 views

cURL -- potential memory disclosure

The cURL project reports: There were two bugs in curl's parser for the command line option --write-out or -w for short that would skip the end of string zero byte if the string ended in a % percent or \ backslash, and it would read beyond that buffer in the heap memory and it could then potential...

2.4CVSS0.5AI score0.00581EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/01/12 12:0 a.m.•40 views

OpenEXR -- multiple remote code execution and denial of service vulnerabilities

Brandon Perry reports: There is a zip file of EXR images that cause segmentation faults in the OpenEXR library tested against 2.2.0. CVE-2017-9110 In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash. CVE-2017-9111 In OpenEXR...

8.8CVSS1.5AI score0.0331EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2016/12/21 12:0 a.m.•40 views

xen-kernel -- x86 PV guests may be able to mask interrupts

The Xen Project reports: Certain PV guest kernel operations page table writes in particular need emulation, and use Xen's general x86 instruction emulator. This allows a malicious guest kernel which asynchronously modifies its instruction stream to effect the clearing of EFLAGS.IF from the state...

6CVSS6.6AI score0.0043EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/12/15 12:0 a.m.•40 views

exim -- DKIM private key leak

The Exim project reports: Exim leaks the private DKIM signing key to the log files. Additionally, if the build option EXPERIMENTALDSNINFO=yes is used, the key material is included in the bounce message...

5.9CVSS1.7AI score0.03098EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/11/29 12:0 a.m.•40 views

subversion -- Unrestricted XML entity expansion in mod_dontdothat and Subversionclients using http(s)

The Apache Software Foundation reports: The moddontdothat module of subversion and subversion clients using https:// are vulnerable to a denial-of-service attack, caused by exponential XML entity expansion. The attack targets XML parsers causing targeted process to consume excessive amounts of...

6.5CVSS1.8AI score0.0638EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/11/22 12:0 a.m.•40 views

xen-kernel -- guest 32-bit ELF symbol table load leaking host data

The Xen Project reports: Along with their main kernel binary, unprivileged guests may arrange to have their Xen environment load kernel symbol tables for their use. The ELF image metadata created for this purpose has a few unused bytes when the symbol table binary is in 32-bit ELF format. These...

6.5CVSS0.4AI score0.00386EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/10/12 12:0 a.m.•40 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 21 security fixes in this release, including: 645211 High CVE-2016-5181: Universal XSS in Blink. Credit to Anonymous 638615 High CVE-2016-5182: Heap overflow in Blink. Credit to Giwan Go of STEALIEN 645122 High CVE-2016-5183: Use after free in PDFium. Credit to...

10CVSS0.2AI score0.01978EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/07/20 12:0 a.m.•40 views

MySQL -- Multiple vulnerabilities

Oracle reports: The quarterly Critical Patch Update contains 22 new security fixes for Oracle MySQL 5.5.49, 5.6.30, 5.7.13 and earlier...

8.1CVSS2.1AI score0.3965EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2016/06/27 12:0 a.m.•40 views

libreoffice -- use-after-free vulnerability

Talos reports: An exploitable Use After Free vulnerability exists in the RTF parser LibreOffice. A specially crafted file can cause a use after free resulting in a possible arbitrary code execution. To exploit the vulnerability a malicious file needs to be opened by the user via vulnerable...

7.8CVSS5.3AI score0.02819EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2016/06/09 12:0 a.m.•40 views

expat2 -- denial of service

Adam Maris reports: It was found that original patch for issues CVE-2015-1283 and CVE-2015-2716 used overflow checks that could be optimized out by some compilers applying certain optimization settings, which can cause the vulnerability to remain even after applying the patch...

8.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2016/05/09 12:0 a.m.•40 views

xercesi-c3 -- multiple vulnerabilities

Apache reports: The Xerces-C XML parser fails to successfully parse a DTD that is deeply nested, and this causes a stack overflow, which makes a denial of service attack against many applications possible by an unauthenticated attacker. Also, CVE-2016-2099: Use-after-free vulnerability in...

10CVSS6.7AI score0.14138EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2016/04/28 12:0 a.m.•40 views

php -- multiple vulnerabilities

The PHP Group reports: BCMath: Fixed bug 72093 bcpowmod accepts negative scale and corrupts one definition. Exif: Fixed bug 72094 Out of bounds heap read access in exif header processing. GD: Fixed bug 71912 libgd: signedness vulnerability. CVE-2016-3074 Intl: Fixed bug 72061 Out-of-bounds reads ...

9.8CVSS0.6AI score0.36974EPSS
Exploits8References3
FreeBSD
FreeBSD
•added 2016/04/26 12:0 a.m.•40 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: MFSA 2016-39 Miscellaneous memory safety hazards rv:46.0 / rv:45.1 / rv:38.8 MFSA 2016-42 Use-after-free and buffer overflow in Service Workers MFSA 2016-44 Buffer overflow in libstagefright with CENC offsets MFSA 2016-45 CSP not applied to pages sent with...

10CVSS2.1AI score0.04841EPSS
Exploits0References7
FreeBSD
FreeBSD
•added 2016/04/13 12:0 a.m.•40 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 20 security fixes in this release, including: 590275 High CVE-2016-1652: Universal XSS in extension bindings. Credit to anonymous. 589792 High CVE-2016-1653: Out-of-bounds write in V8. Credit to Choongwoo Han. 591785 Medium CVE-2016-1651: Out-of-bounds read in Pdfi...

10CVSS1.6AI score0.02573EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/02/26 12:0 a.m.•40 views

exim -- local privillege escalation

The Exim development team reports: All installations having Exim set-uid root and using 'perlstartup' are vulnerable to a local privilege escalation. Any user who can start an instance of Exim and this is normally any user can gain root privileges. If you do not use 'perlstartup' you should be sa...

7CVSS3.1AI score0.05901EPSS
Exploits13References1
FreeBSD
FreeBSD
•added 2016/02/23 12:0 a.m.•40 views

upnp -- multiple vulnerabilities

Matthew Garett reports: Reported this to upstream 8 months ago without response, so: libupnp's default behaviour allows anyone to write to your filesystem. Seriously. Find a device running a libupnp based server Shodan says there's rather a lot, and POST a file to /testfile. Then GET /testfile...

0.7AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2016/01/08 12:0 a.m.•40 views

prosody -- multiple vulnerabilities

The Prosody Team reports: Fix path traversal vulnerability in modhttpfiles CVE-2016-1231 Fix use of weak PRNG in generation of dialback secrets CVE-2016-1232...

7.5CVSS6.4AI score0.02867EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/12/24 12:0 a.m.•40 views

tiff -- out-of-bounds read in tif_getimage.c

LMX of Qihoo 360 Codesafe Team discovered an out-of-bounds read in tifgetimage.c. An attacker could create a specially-crafted TIFF file that could cause libtiff to crash...

5.5CVSS7.3AI score0.02857EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/12/22 12:0 a.m.•40 views

NSS -- MD5 downgrade in TLS 1.2 signatures

The Mozilla Project reports: Security researcher Karthikeyan Bhargavan reported an issue in Network Security Services NSS where MD5 signatures in the server signature within the TLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has officially disallowed the acceptin...

5.9CVSS6.9AI score0.0288EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/12/22 12:0 a.m.•40 views

Bugzilla security issues

Bugzilla Security Advisory During the generation of a dependency graph, the code for the HTML image map is generated locally if a local dot installation is used. With escaped HTML characters in a bug summary, it is possible to inject unfiltered HTML code in the map file which the CreateImagemap...

4.7CVSS5.9AI score0.01906EPSS
Exploits2References2
FreeBSD
FreeBSD
•added 2015/12/18 12:0 a.m.•40 views

mediawiki -- multiple vulnerabilities

MediaWiki reports: T117899 SECURITY: $wgArticlePath can no longer be set to relative paths that do not begin with a slash. This enabled trivial XSS attacks. Configuration values such as "http://my.wiki.com/wiki/$1" are fine, as are "/wiki/$1". A value such as "$1" or "wiki/$1" is not and will now...

9.8CVSS7AI score0.01888EPSS
Exploits0References8
FreeBSD
FreeBSD
•added 2015/12/15 12:0 a.m.•40 views

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2015-134 Miscellaneous memory safety hazards rv:43.0 / rv:38.5 MFSA 2015-135 Crash with JavaScript variable assignment with unboxed objects MFSA 2015-136 Same-origin policy violation using perfomance.getEntries and history navigation MFSA 2015-137 Firefox allows...

10CVSS9.1AI score0.06058EPSS
Exploits1References16
FreeBSD
FreeBSD
•added 2015/10/20 12:0 a.m.•40 views

java -- multiple vulnerabilities

Oracle reports: This Critical Patch Update contains 25 new security fixes for Oracle Java SE. 24 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password...

10CVSS6.7AI score0.13354EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/16 12:0 a.m.•40 views

flash -- remote code execution

Adobe reports: These updates resolve type confusion vulnerabilities that could lead to code execution CVE-2015-7645, CVE-2015-7647, CVE-2015-7648...

10CVSS9AI score0.68396EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/16 12:0 a.m.•40 views

elasticsearch -- directory traversal attack via snapshot API

Elastic reports: Vulnerability Summary: Elasticsearch versions from 1.0.0 to 1.6.0 are vulnerable to a directory traversal attack. Remediation Summary: Users should upgrade to 1.6.1 or later, or constrain access to the snapshot API to trusted sources...

5CVSS9.1AI score0.9175EPSS
Exploits7References1
FreeBSD
FreeBSD
•added 2015/07/07 12:0 a.m.•40 views

Adobe Flash Player -- critical vulnerabilities

Adobe reports: Adobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit targeting CVE-2015-5119 has been publicly published...

10CVSS6.6AI score0.99344EPSS
Exploits6References1
FreeBSD
FreeBSD
•added 2015/06/05 12:0 a.m.•40 views

rubygem-paperclip -- validation bypass vulnerability

Jon Yurek reports: Thanks to MORI Shingo of DeNA Co., Ltd. for reporting this. There is an issue where if an HTML file is uploaded with a .html extension, but the content type is listed as being image/jpeg, this will bypass a validation checking for images. But it will also pass the spoof check,...

4.3CVSS9.1AI score0.02121EPSS
Exploits1References3
Total number of security vulnerabilities5000