Lucene search
K
FreebsdMost viewed

6583 matches found

FreeBSD
FreeBSD
added 2004/02/08 12:0 a.m.39 views

libxml2 stack buffer overflow in URI parsing

Yuuichi Teranishi reported a crash in libxml2's URI handling when a long URL is supplied. The implementation in nanohttp.c and nanoftp.c uses a 4K stack buffer, and longer URLs will overwrite the stack. This could result in denial-of-service or arbitrary code execution in applications using libxm...

7.5CVSS7.2AI score0.24232EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2004/02/01 12:0 a.m.39 views

Courier mail services: remotely exploitable buffer overflows

The Courier set of mail services use a common Unicode library. This library contains buffer overflows in the converters for two popular Japanese character encodings. These overflows may be remotely exploitable, triggered by a maliciously formatted email message that is later processed by one of t...

7.5CVSS6.7AI score0.03257EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2003/11/28 12:0 a.m.39 views

mod_python denial-of-service vulnerability in parse_qs

An attacker may cause Apache with modpython to crash by using a specially constructed query string...

5CVSS6.3AI score0.05497EPSS
Exploits0References2
FreeBSD
FreeBSD
added 1999/07/29 12:0 a.m.39 views

squid -- possible abuse of cachemgr.cgi

The squid patches page notes: This patch adds access controls to the cachemgr.cgi script, preventing it from being abused to reach other servers than allowed in a local configuration file...

7.5CVSS6.2AI score0.116EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2024/07/02 12:0 a.m.38 views

go -- net/http: denial of service due to improper 100-continue handling

The Go project reports: net/http: denial of service due to improper 100-continue handling The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a clien...

7.5CVSS6.9AI score0.01414EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/04/24 12:0 a.m.38 views

Gitlab -- vulnerabilities

Gitlab reports: GitLab account takeover, under certain conditions, when using Bitbucket as an OAuth provider Path Traversal leads to DoS and Restricted File Read Unauthenticated ReDoS in FileFinder when using wildcard filters in project file search Personal Access Token scopes not honoured by...

8.8CVSS7.2AI score0.25965EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2024/01/08 12:0 a.m.38 views

qt6-webengine -- Multiple vulnerabilities

Qt qtwebengine-chromium repo reports: Backports for 15 security bugs in Chromium: 1505053 High CVE-2023-6345: Integer overflow in Skia 1500856 High CVE-2023-6346: Use after free in WebAudio 1494461 High CVE-2023-6347: Use after free in Mojo 1501326 High CVE-2023-6702: Type Confusion in V8 1502102...

9.6CVSS10AI score0.43238EPSS
Exploits4References1
FreeBSD
FreeBSD
added 2023/11/13 12:0 a.m.38 views

MariaDB -- Denial-of-Service vulnerability

The MariaDB project reports: Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash complete...

4.9CVSS6.4AI score0.01782EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2023/11/08 12:0 a.m.38 views

FreeBSD -- libc stdio buffer overflow

Problem Description: For line-buffered streams the sflush function did not correctly update the FILE object's write space member when the write2 system call returns an error. Impact: Depending on the nature of an application that calls libc's stdio functions and the presence of errors returned fr...

9.8CVSS7.8AI score0.01073EPSS
Exploits0
FreeBSD
FreeBSD
added 2023/07/19 12:0 a.m.38 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 20 security fixes: 1454086 High CVE-2023-3727: Use after free in WebRTC. Reported by Cassidy Kim@cassidy6564 on 2023-06-12 1457421 High CVE-2023-3728: Use after free in WebRTC. Reported by Zhenghang Xiao @Kipreyyy on 2023-06-23 1453465 High...

8.8CVSS6.9AI score0.01002EPSS
Exploits9References1
FreeBSD
FreeBSD
added 2023/06/22 12:0 a.m.38 views

Grafana -- Account takeover / authentication bypass

Grafana Labs reports: Grafana validates Azure Active Directory accounts based on the email claim. On Azure AD, the profile email field is not unique across Azure AD tenants. This can enable a Grafana account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant...

9.8CVSS7.3AI score0.04094EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/06/14 12:0 a.m.38 views

electron23 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-2724. Security: backported fix for CVE-2023-2725. Security: backported fix for CVE-2023-2721. Security: backported fix for CVE-2023-3079. Security: backported fix for CVE-2023-2933...

8.8CVSS7AI score0.32724EPSS
Exploits5References11
FreeBSD
FreeBSD
added 2023/06/14 12:0 a.m.38 views

electron22 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-2724. Security: backported fix for CVE-2023-2723. Security: backported fix for CVE-2023-2725. Security: backported fix for CVE-2023-2721. Security: backported fix for CVE-2023-3079...

8.8CVSS7AI score0.32724EPSS
Exploits5References11
FreeBSD
FreeBSD
added 2023/05/30 12:0 a.m.38 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 16 security fixes: 1410191 High CVE-2023-2929: Out of bounds write in Swiftshader. Reported by Jaehun Jeong@n3sk of Theori on 2023-01-25 1443401 High CVE-2023-2930: Use after free in Extensions. Reported by asnine on 2023-05-08 1444238 High...

8.8CVSS7.5AI score0.23855EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2023/04/20 12:0 a.m.38 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 8 security fixes: 1429197 High CVE-2023-2133: Out of bounds memory access in Service Worker API. Reported by Rong Jian of VRI on 2023-03-30 1429201 High CVE-2023-2134: Out of bounds memory access in Service Worker API. Reported by Rong Jian of VRI on...

9.6CVSS9.4AI score0.05786EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/01/01 12:0 a.m.38 views

Grafana -- Stored XSS in text panel plugin

Grafana Labs reports: During an internal audit of Grafana on January 1, a member of the security team found a stored XSS vulnerability affecting the core text plugin. The stored XSS vulnerability requires several user interactions in order to be fully exploited. The vulnerability was possible due...

6.4CVSS5.3AI score0.01562EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/12/01 12:0 a.m.38 views

xrdp -- multiple vulnerabilities

xrdp project reports: This update is recommended for all xrdp users and provides following important security fixes: CVE-2022-23468 CVE-2022-23477 CVE-2022-23478 CVE-2022-23479 CVE-2022-23480 CVE-2022-23481 CVE-2022-23483 CVE-2022-23482 CVE-2022-23484 CVE-2022-23493 These security issues are...

9.8CVSS3.2AI score0.00892EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/07/21 12:0 a.m.38 views

Grafana -- Unauthorized file disclosure

Grafana Labs reports: On July 21, an internal security review identified an unauthorized file disclosure vulnerability in the Grafana Image Renderer plugin when HTTP remote rendering is used. The Chromium browser embedded in the Grafana Image Renderer allows for “printing” of unauthorized files i...

8.3CVSS1.1AI score0.00903EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/02/09 12:0 a.m.38 views

jenkins -- DoS vulnerability in bundled XStream library

Jenkins Security Advisory: Description Medium SECURITY-2602 / CVE-2021-43859 upstream issue, CVE-2022-0538 Jenkins-specific converters DoS vulnerability in bundled XStream library...

7.5CVSS2.4AI score0.07934EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2021/05/10 12:0 a.m.38 views

RabbitMQ -- Denial of Service via improper input validation

Jonathon Knudsen of Synopsys Cybersecurity Research Center reports: All versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious client can exploit the vulnerability by sending malicious AMQP...

7.5CVSS4.2AI score0.01387EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2021/05/05 12:0 a.m.38 views

asterisk -- pjproject/pjsip: crash when SSL socket destroyed during handshake

The Asterisk project reports: Depending on the timing, it's possible for Asterisk to crash when using a TLS connection if the underlying socket parent/listener gets destroyed during the handshake...

5.9CVSS1.1AI score0.02082EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2021/04/14 12:0 a.m.38 views

Gitlab -- Vulnerabilities

GitLab Team reports: Remote code execution when uploading specially crafted image files Update Rexml...

7.5CVSS7.1AI score0.05061EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2021/04/13 12:0 a.m.38 views

asterisk -- Remote crash when using IAX2 channel driver

The Asterisk project reports: If the IAX2 channel driver receives a packet that contains an unsupported media format it can cause a crash to occur in Asterisk...

7.5CVSS2.7AI score0.0911EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2021/03/24 12:0 a.m.38 views

tomcat -- Remote Denial of Service in multiple versions

rbeaudry reports: A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error introduced as part of a change to improve error handling during non-blocking I/O meant that the error flag associated with the Request object was not reset between requests. Thi...

7.5CVSS2.7AI score0.06889EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2021/03/17 12:0 a.m.38 views

py-pygments -- multiple DoS vulnerabilities

Red Hat reports: An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML SML source file, as demonstrated by input that only contains the "exception" keyword. Ben Caller reports: In pygments 1.1+, fixed in...

6.7AI score
Exploits0References4
FreeBSD
FreeBSD
added 2020/10/13 12:0 a.m.38 views

Flash Player -- arbitrary code execution

Adobe reports: This update resolves a NULL pointer dereference vulnerability that could lead to arbitrary code execution CVE-2020-9746...

9.3CVSS3.3AI score0.04244EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2020/09/23 12:0 a.m.38 views

dovecot-pigeonhole -- Sieve excessive resource usage

Dovecot team reports reports: Sieve interpreter is not protected against abusive scripts that claim excessive resource usage. Fixed by limiting the user CPU time per single script execution and cumulatively over several script runs within a configurable timeout period. Sufficiently large CPU time...

4.3CVSS1.2AI score0.01968EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2020/09/21 12:0 a.m.38 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release fixes 10 security issues, including: 1100136 High CVE-2020-15960: Out of bounds read in storage. Reported by Anonymous on 2020-06-28 1114636 High CVE-2020-15961: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-08-10 1121836 High...

9.6CVSS1.7AI score0.02948EPSS
Exploits6References1
FreeBSD
FreeBSD
added 2020/08/05 12:0 a.m.38 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Arbitrary File Read when Moving an Issue Memory Exhaustion via Excessive Logging of Invite Email Error Denial of Service Through Project Import Feature User Controlled Git Configuration Settings Resulting in SSRF Stored XSS in Issue Reference Number Tooltip Stored XSS in Issues Li...

9.8CVSS1.2AI score0.0456EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2020/06/28 12:0 a.m.38 views

kramdown -- template option vulnerability

kramdown news: CVE-2020-14001 is addressed to avoid problems when using the ::options / extension together with the 'template' option...

9.8CVSS2.5AI score0.0456EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2020/06/02 12:0 a.m.38 views

nghttp2 -- DoS vulnerability

nghttp2 security advisories: The overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes 2400 individual settings entries over and over again. The attack causes the CPU...

7.5CVSS2.5AI score0.05316EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2020/05/18 12:0 a.m.38 views

Rails -- multiple vulnerabilities

Ruby on Rails blog: Hi everyone! Rails 5.2.4.3 and 6.0.3.1 have been released! These releases contain important security fixes, so please upgrade when you can. Both releases contain the following fixes: CVE-2020-8162: Circumvention of file size limits in ActiveStorage CVE-2020-8164: Possible Stro...

9.8CVSS1.2AI score0.45732EPSS
Exploits9References6
FreeBSD
FreeBSD
added 2020/05/17 12:0 a.m.38 views

Sane -- Multiple Vulnerabilities

The Sane Project reports: epson2: fixes CVE-2020-12867 GHSL-2020-075 and several memory management issues found while addressing that CVE epsonds: addresses out-of-bound memory access issues to fix CVE-2020-12862 GHSL-2020-082 and CVE-2020-12863 GHSL-2020-083, addresses a buffer overflow fixing...

8.8CVSS2.7AI score0.03044EPSS
Exploits7References1
FreeBSD
FreeBSD
added 2020/05/15 12:0 a.m.38 views

Ansible -- Insecure Temporary File

NVD reports: An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running becomeuser from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems...

5CVSS2.4AI score0.004EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2020/04/10 12:0 a.m.38 views

FreeRDP -- multiple vulnerabilities

The FreeRDP changelog reports 14 CVEs addressed after 2.0.0-rc4...

8CVSS1.3AI score0.02653EPSS
Exploits6References1
FreeBSD
FreeBSD
added 2020/02/03 12:0 a.m.38 views

Django -- potential SQL injection vulnerability

MITRE CVE reports: Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter. By passing a suitabl...

9.8CVSS2.8AI score0.65336EPSS
Exploits9References4
FreeBSD
FreeBSD
added 2019/09/30 12:0 a.m.38 views

Gitlab -- Multiple Vulnerabilities

The GitLab Team reports: XSS in Markdown Preview Using Mermaid Bypass Email Verification using Salesforce Authentication Account Takeover using SAML Uncontrolled Resource Consumption in Markdown using Mermaid Disclosure of Private Project Path and Labels Disclosure of Assignees via Milestones...

5.5CVSS7.2AI score0.00729EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2019/08/01 12:0 a.m.38 views

Django -- multiple vulnerabilities

Django release notes: CVE-2019-14232: Denial-of-service possibility in django.utils.text.Truncator If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a...

9.8CVSS0.6AI score0.47694EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2019/07/03 12:0 a.m.38 views

oniguruma -- multiple vulnerabilities

A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...

9.8CVSS4.9AI score0.04047EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2019/04/13 12:0 a.m.38 views

Dovecot -- improper input validation

Aki Tuomi reports: Vulnerability Details: IMAP and ManageSieve protocol parsers do not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes. Risk: This vulnerability allows for out-of-bounds writes to objects stored on the heap up to 8096 byte...

9.8CVSS2.8AI score0.62579EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2019/02/12 12:0 a.m.38 views

TightVNC -- Muliple Vulnerabilities

MITRE reports: TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP macro function, which can potentially result code execution. This attack appear to be exploitable via network connectivity. TightVNC code version 1.3.10 contains global buffer overflow in HandleCoRREBBP...

9.8CVSS5.1AI score0.19461EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2019/02/05 12:0 a.m.38 views

dovecot -- Buffer overflow reading extension header

Aki Tuomi reports: Vulnerability Details: When reading FTS or POP3-UIDL header from dovecot index, the input buffer size is not bound, and data is copied to target structure causing stack overflow. Risk: This can be used for local root privilege escalation or executing arbitrary code in dovecot...

8.8CVSS1.7AI score0.01178EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2018/08/09 12:0 a.m.38 views

PostgreSQL -- two vulnerabilities

The PostgreSQL project reports: CVE-2018-10915: Certain host connection parameters defeat client-side security defenses libpq, the client connection API for PostgreSQL that is also used by other connection libraries, had an internal issue where it did not reset all of its connection state variabl...

8.5CVSS2.1AI score0.05154EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2018/06/06 12:0 a.m.38 views

vlc -- Use after free vulnerability

Mitre reports: VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...

8CVSS4.2AI score0.40612EPSS
Exploits10References5
FreeBSD
FreeBSD
added 2018/02/21 12:0 a.m.38 views

asterisk -- multiple vulnerabilities

The Asterisk project reports: AST-2018-004 - When processing a SUBSCRIBE request the respjsippubsub module stores the accepted formats present in the Accept headers of the request. This code did not limit the number of headers it processed despite having a fixed limit of 32. If more than 32 Accep...

7.5CVSS6.9AI score0.58284EPSS
Exploits5References2
FreeBSD
FreeBSD
added 2018/01/24 12:0 a.m.38 views

cURL -- Multiple vulnerabilities

The cURL project reports: libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HT...

9.8CVSS8.2AI score0.08031EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/12/12 12:0 a.m.38 views

The Bouncy Castle Crypto APIs: CVE-2017-13098 ("ROBOT")

The Legion of the Bouncy Castle reports: Release: 1.59 CVE-2017-13098 "ROBOT", a Bleichenbacher oracle in TLS when RSA key exchange is negotiated. This potentially affected BCJSSE servers and any other TLS servers configured to use JCE for the underlying crypto - note the two TLS implementations...

7.5CVSS6.8AI score0.24282EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/11/02 12:0 a.m.38 views

OpenSSL -- Multiple vulnerabilities

The OpenSSL project reports: bnsqrx8xinternal carry bug on x8664 CVE-2017-3736 Severity: Moderate There is a carry propagating bug in the x8664 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very...

6.5CVSS6.9AI score0.17699EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/09/12 12:0 a.m.38 views

Flash Player -- multiple vulnerabilities

Adobe reports: These updates resolve memory corruption vulnerabilities that could lead to remote code execution CVE-2017-11281, CVE-2017-11282...

9.8CVSS9.9AI score0.34848EPSS
Exploits8References1
FreeBSD
FreeBSD
added 2017/06/15 12:0 a.m.38 views

chromium -- multiple vulnerabilities

Google Chrome releases reports: 5 security fixes in this release, including: 725032 High CVE-2017-5087: Sandbox Escape in IndexedDB. Reported by Ned Williamson on 2017-05-22 729991 High CVE-2017-5088: Out of bounds read in V8. Reported by Xiling Gong of Tencent Security Platform Department on...

8.8CVSS7.6AI score0.03151EPSS
Exploits0References1
Total number of security vulnerabilities5000