Lucene search
K
FreebsdMost viewed

6578 matches found

FreeBSD
FreeBSD
added 2020/08/07 12:0 a.m.108 views

Apache httpd -- Multiple vulnerabilities

The Apache httpd projec reports: modhttp2: Important: Push Diary Crash on Specifically Crafted HTTP/2 Header CVE-2020-9490 A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards...

9.8CVSS0.5AI score0.90039EPSS
Exploits4References2
FreeBSD
FreeBSD
added 2024/02/06 12:0 a.m.107 views

DNSSEC validators -- denial-of-service/CPU exhaustion from KeyTrap and NSEC3 vulnerabilities

Simon Kelley reports: If DNSSEC validation is enabled, then an attacker who can force a DNS server to validate a specially crafted signed domain can use a lot of CPU in the validator. This only affects dnsmasq installations with DNSSEC enabled. Stichting NLnet Labs reports: The KeyTrap...

7.5CVSS7.1AI score0.99995EPSS
Exploits1References5
FreeBSD
FreeBSD
added 2023/08/01 12:0 a.m.107 views

FreeBSD -- Potential remote code execution via ssh-agent forwarding

Problem Description: The server may cause ssh-agent to load shared libraries other than those required for PKCS11 support. These shared libraries may have side effects that occur on load and unload dlopen and dlclose. Impact: An attacker with access to a server that accepts a forwarded ssh-agent...

9.8CVSS7.3AI score0.76768EPSS
Exploits10
FreeBSD
FreeBSD
added 2016/01/26 12:0 a.m.107 views

nginx -- multiple vulnerabilities

Maxim Dounin reports: Several problems in nginx resolver were identified, which might allow an attacker to cause worker process crash, or might have potential other impact if the "resolver" directive is used in a configuration file...

9.8CVSS7.6AI score0.81958EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2020/04/30 12:0 a.m.106 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Path Traversal in NuGet Package Registry Workhorse Bypass Leads to File Disclosure OAuth Application Client Secrets Revealed Code Owners Approval Rules Are Not Updated for Existing Merge Requests When Source Branch Changes Code Owners Protection Not Enforced from Web UI Repository...

7.5CVSS7.2AI score0.53336EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2011/05/09 12:0 a.m.106 views

Postfix -- memory corruption vulnerability

The Postfix SMTP server has a memory corruption error, when the Cyrus SASL library is used with authentication mechanisms other than PLAIN and LOGIN ANONYMOUS is not affected, but should not be used for other reasons. This memory corruption is known to result in a program crash SIGSEV...

6.8CVSS1.9AI score0.21646EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2018/08/20 12:0 a.m.105 views

grafana -- LDAP and OAuth login vulnerability

Grafana Labs reports: On the 20th of August at 1800 CEST we were contacted about a potential security issue with the “remember me” cookie Grafana sets upon login. The issue targeted users without a local Grafana password LDAP & OAuth users and enabled a potential attacker to generate a valid cook...

7.3AI score
Exploits0References1
FreeBSD
FreeBSD
added 2016/08/01 12:0 a.m.105 views

openssh -- sshd -- remote valid user discovery and PAM /bin/login attack

The OpenSSH project reports: sshd8: Mitigate timing differences in password authentication that could be used to discern valid from invalid account names when long passwords were sent and particular password hashing algorithms are in use on the server. CVE-2016-6210, reported by EddieEzra.Harari ...

7.8CVSS7.2AI score0.88944EPSS
Exploits12References1
FreeBSD
FreeBSD
added 2022/04/06 12:0 a.m.104 views

FreeBSD -- zlib compression out-of-bounds write

Problem Description: Certain inputs can cause zlib's compression routine to overwrite an internal buffer with compressed data. This issue may require the use of uncommon or non-default compression parameters. Impact: The out-of-bounds write may result in memory corruption and an application crash...

7.5CVSS2.9AI score0.51733EPSS
Exploits1
FreeBSD
FreeBSD
added 2019/03/06 12:0 a.m.104 views

OpenSSL -- ChaCha20-Poly1305 nonce vulnerability

The OpenSSL project reports: Low: ChaCha20-Poly1305 with long nonces CVE-2019-1543 ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value IV should be 96 bits 12 bytes. OpenSSL allows a variable nonce length a...

7.4CVSS1.2AI score0.05701EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/11/11 12:0 a.m.104 views

jenkins -- Remote code execution vulnerability in remoting module

Jenkins Security Advisory: An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java object to the Jenkins CLI, making Jenkins connect to an attacker-controlled LDAP server, which in turn can send a serialized payload leading to code execution, bypassi...

9.8CVSS4.5AI score0.96943EPSS
Exploits5References1
FreeBSD
FreeBSD
added 2022/04/27 12:0 a.m.102 views

redis -- Multiple vulnerabilities

Aviv Yahav reports: CVE-2022-24735 By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis can inject Lua code that will execute with the potentially higher privileges of another Redis user. CVE-2022-24736 An attacker attempting to load a specially craft...

7.8CVSS2.7AI score0.02189EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2021/10/05 12:0 a.m.102 views

Apache httpd -- Multiple vulnerabilities

The Apache http server project reports: moderate: null pointer dereference in h2 fuzzing CVE-2021-41524 important: Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 CVE-2021-41773...

9.8CVSS1.4AI score0.99992EPSS
Exploits148References1
FreeBSD
FreeBSD
added 2019/06/18 12:0 a.m.102 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2019-11707: Type confusion in Array.pop A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw...

8.8CVSS1.9AI score0.37951EPSS
Exploits7References1
FreeBSD
FreeBSD
added 2021/09/16 12:0 a.m.101 views

Apache httpd -- multiple vulnerabilities

The Apache project reports: moderate: Request splitting via HTTP/2 method injection and modproxy CVE-2021-33193 moderate: NULL pointer dereference in httpd core CVE-2021-34798 moderate: modproxyuwsgi out of bound read CVE-2021-36160 low: apescapequotes buffer overflow CVE-2021-39275 high: modprox...

9.8CVSS2AI score0.99999EPSS
Exploits6References1
FreeBSD
FreeBSD
added 2019/10/15 12:0 a.m.101 views

sudo -- Potential bypass of Runas user restrictions

Todd C. Miller reports: When sudo is configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, it is possible to run commands as root by specifying the user ID -1 or 4294967295. This can be used by a user with sufficient sudo privileges to run...

9CVSS3.2AI score0.63917EPSS
Exploits10References1
FreeBSD
FreeBSD
added 2014/03/28 12:0 a.m.100 views

postfixadmin -- SQL injection vulnerability

Thijs Kinkhorst reports: Postfixadmin has an SQL injection vulnerability. This vulnerability is only exploitable by authenticated users able to create new aliases...

6.5CVSS7.5AI score0.01848EPSS
Exploits2References2
FreeBSD
FreeBSD
added 2022/10/22 12:0 a.m.99 views

traefik -- Use of vulnerable Go module x/net/http2

The Go project reports: A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, whi...

7.5CVSS0.4AI score0.01814EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2021/11/02 12:0 a.m.98 views

Grafana -- Incorrect Access Control

Grafana Labs reports: When the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance, Grafana 8.0 introduced a mechanism which allowed users with the Organization Admin role to list, add, remove, and update users’ roles in other...

9.1CVSS4AI score0.02834EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2021/06/09 12:0 a.m.98 views

Apache httpd -- Multiple vulnerabilities

The Apache httpd reports: moderate: modproxywstunnel tunneling of non Upgraded connections CVE-2019-17567 moderate: Improper Handling of Insufficient Privileges CVE-2020-13938 low: modproxyhttp NULL pointer dereference CVE-2020-13950 low: modauthdigest possible stack overflow by one nul byte...

9.8CVSS1.5AI score0.68067EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2021/04/06 12:0 a.m.98 views

Node.js -- April 2021 Security Releases

Node.js reports: OpenSSL - CA certificate check bypass with X509VFLAGX509STRICT High CVE-2021-3450 This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt OpenSSL - NULL pointer deref in...

9.8CVSS0.6AI score0.69062EPSS
Exploits5References3
FreeBSD
FreeBSD
added 2015/10/21 12:0 a.m.98 views

ntp -- 13 low- and medium-severity vulnerabilities

ntp.org reports: NTF's NTP Project has been notified of the following 13 low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p4, released on Wednesday, 21 October 2015: Bug 2941 CVE-2015-7871 NAK to the Future: Symmetric association authentication bypass via crypto-NAK Cisco ASIG...

9.8CVSS6.8AI score0.81762EPSS
Exploits8References1
FreeBSD
FreeBSD
added 2022/07/05 12:0 a.m.97 views

OpenSSL -- AES OCB fails to encrypt some bytes

The OpenSSL project reports: AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special...

5.3CVSS1.6AI score0.04425EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/05/11 12:0 a.m.97 views

curl -- Multiple vulnerabilities

The curl project reports: CVE-2022-27778: curl removes wrong file on error CVE-2022-27779: cookie for trailing dot TLD CVE-2022-27780: percent-encoded path separator in URL host CVE-2022-27781: CERTINFO never-ending busy-loop CVE-2022-27782: TLS and SSH connection too eager reuse CVE-2022-30115:...

8.1CVSS1.1AI score0.03453EPSS
Exploits6References1
FreeBSD
FreeBSD
added 2019/08/13 12:0 a.m.97 views

nghttp2 -- multiple vulnerabilities

nghttp2 GitHub releases: This release fixes CVE-2019-9511 "Data Dribble" and CVE-2019-9513 "Resource Loop" vulnerability in nghttpx and nghttpd. Specially crafted HTTP/2 frames cause Denial of Service by consuming CPU time. Check out...

7.8CVSS1.1AI score0.82017EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2006/09/06 12:0 a.m.97 views

openssl -- Incorrect PKCS#1 v1.5 padding validation in crypto(3)

Problem Description When verifying a PKCS1 v1.5 signature, OpenSSL ignores any bytes which follow the cryptographic hash being signed. In a valid signature there will be no such bytes. Impact OpenSSL will incorrectly report some invalid signatures as valid. When an RSA public exponent of 3 is use...

4.3CVSS7.9AI score0.04894EPSS
Exploits1
FreeBSD
FreeBSD
added 2022/03/14 12:0 a.m.96 views

Apache httpd -- Multiple vulnerabilities

The Apache httpd project reports: modlua: Use of uninitialized value of in r:parsebody moderate CVE-2022-22719A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. HTTP request smuggling vulnerability important CVE-2022-22720 httpd fails...

9.8CVSS0.3AI score0.69803EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/09/18 12:0 a.m.96 views

Apache -- HTTP OPTIONS method can leak server memory

The Fuzzing Project reports: Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x...

7.5CVSS2AI score0.94999EPSS
Exploits9References1
FreeBSD
FreeBSD
added 2016/02/26 12:0 a.m.96 views

PuTTY - old-style scp downloads may allow remote code execution

Simon G. Tatham reports: Many versions of PSCP prior to 0.67 have a stack corruption vulnerability in their treatment of the 'sink' direction i.e. downloading from server to client of the old-style SCP protocol. In order for this vulnerability to be exploited, the user must connect to a malicious...

9.8CVSS1.6AI score0.34216EPSS
Exploits4References2
FreeBSD
FreeBSD
added 2012/08/27 12:0 a.m.96 views

mediawiki -- multiple vulnerabilities

Mediawiki reports: Bug 39700 Wikipedia administrator Writ Keeper discovered a stored XSS HTML injection vulnerability. This was possible due to the handling of link text on File: links for nonexistent files. MediaWiki 1.16 and later is affected. Bug 39180 User Fomafix reported several DOM-based X...

6.5CVSS6.2AI score0.01562EPSS
Exploits2References6
FreeBSD
FreeBSD
added 2021/11/10 12:0 a.m.95 views

samba -- Multiple Vulnerabilities

The Samba Team reports: CVE-2020-25717: A user in an AD Domain could become root on domain members. CVE-2020-25718: Samba AD DC did not correctly sandbox Kerberos tickets issued by an RODC. CVE-2020-25719: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets. CVE-2020-25721:...

9CVSS8.1AI score0.01984EPSS
Exploits0References8
FreeBSD
FreeBSD
added 2019/03/19 12:0 a.m.95 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2019-9790: Use-after-free when removing in-use DOM elements CVE-2019-9791: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey CVE-2019-9792: IonMonkey leaks JSOPTIMIZEDOUT magic value to script CVE-2019-9793: Improper...

9.8CVSS0.9AI score0.19762EPSS
Exploits13References2
FreeBSD
FreeBSD
added 2019/02/09 12:0 a.m.95 views

kf5-kauth -- Insecure handling of arguments in helpers

Albert Astals Cid reports: KAuth allows to pass parameters with arbitrary types to helpers running as root over DBus. Certain types can cause crashes and trigger decoding arbitrary images with dynamically loaded plugin...

9.3CVSS3.2AI score0.0235EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2018/06/21 12:0 a.m.95 views

phpmyadmin -- remote code inclusion and XSS scripting

The phpMyAdmin development team reports: Summary XSS in Designer feature Description A Cross-Site Scripting vulnerability was found in the Designer feature, where an attacker can deliver a payload to a user through a specially-crafted database name. Severity We consider this attack to be of...

1.7AI score
Exploits0References2
FreeBSD
FreeBSD
added 2018/12/05 12:0 a.m.94 views

Flash Player -- multiple vulnerabilities

Adobe reports: This update resolves a use-after-free vulnerability that could lead to arbitrary code execution CVE-2018-15982. This update resolves an insecure library loading vulnerability that could lead to privilege escalation CVE-2018-15983...

10CVSS3.2AI score0.81971EPSS
Exploits13References1
FreeBSD
FreeBSD
added 2017/02/01 12:0 a.m.94 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Please reference CVE/URL list for details...

8.8CVSS6.4AI score0.19191EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2016/05/02 12:0 a.m.94 views

gitlab -- privilege escalation via "impersonate" feature

GitLab reports: During an internal code review, we discovered a critical security flaw in the "impersonate" feature of GitLab. Added in GitLab 8.2, this feature was intended to allow an administrator to simulate being logged in as any other user. A part of this feature was not properly secured an...

8.8CVSS3.1AI score0.10143EPSS
Exploits5References2
FreeBSD
FreeBSD
added 2015/11/17 12:0 a.m.94 views

sudo -- potential privilege escalation via symlink misconfiguration

MITRE reports: sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home///file.txt."...

7.2CVSS7.3AI score0.01458EPSS
Exploits5References3
FreeBSD
FreeBSD
added 2023/01/17 12:0 a.m.93 views

Apache httpd -- Multiple vulnerabilities

The Apache httpd project reports: moddav out of bounds read, or write of zero byte CVE-2006-20001 moderate modproxyajp Possible request smuggling CVE-2022-36760 moderate modproxy prior to 2.4.55 allows a backend to trigger HTTP response splitting CVE-2022-37436 moderate...

9CVSS7.6AI score0.57941EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2020/04/21 12:0 a.m.93 views

OpenSSL remote denial of service vulnerability

Problem Description: Server or client applications that call the SSLcheckchain function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signaturealgorithmscert" TLS extension. The crash occurs if an invalid or unrecognized...

7.5CVSS1.4AI score0.53336EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2017/10/04 12:0 a.m.93 views

tomcat -- Remote Code Execution

tomcat developers reports: When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled e.g. via setting the readonly initialisation parameter of the Default servlet to false it was possible to upload a JSP file to the serv...

8.1CVSS8.2AI score0.99988EPSS
Exploits23References2
FreeBSD
FreeBSD
added 2019/08/28 12:0 a.m.92 views

RDoc -- multiple jQuery vulnerabilities

Ruby news: There are multiple vulnerabilities about Cross-Site Scripting XSS in jQuery shipped with RDoc which bundled in Ruby. All Ruby users are recommended to update Ruby to the latest release which includes the fixed version of RDoc. The following vulnerabilities have been reported...

6.1CVSS7.3AI score0.29726EPSS
Exploits6References1
FreeBSD
FreeBSD
added 2016/12/26 12:0 a.m.92 views

phpmailer -- Remote Code Execution

Legal Hackers reports: An independent research uncovered a critical vulnerability in PHPMailer that could potentially be used by unauthenticated remote attackers to achieve remote arbitrary code execution in the context of the web server user and remotely compromise the target web application. To...

9.8CVSS9.8AI score0.99714EPSS
Exploits58References2
FreeBSD
FreeBSD
added 2024/07/17 12:0 a.m.91 views

Apache httpd -- Source code disclosure with handlers configured via AddType

The Apache httpd project reports: source code disclosure with handlers configured via AddType CVE-2024-40725 Important: A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar...

6.2CVSS6.8AI score0.04134EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2022/12/23 12:0 a.m.91 views

py39-setuptools -- denial of service vulnerability

SCH227 reports: Python Packaging Authority PyPA's setuptools is a library designed to facilitate packaging Python projects. Setuptools version 65.5.0 and earlier could allow remote attackers to cause a denial of service by fetching malicious HTML from a PyPI package or custom PackageIndex page du...

5.9CVSS6.2AI score0.02617EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2019/07/01 12:0 a.m.91 views

Django -- Incorrect HTTP detection with reverse-proxy connecting via HTTPS

Django security releases issued: When deployed behind a reverse-proxy connecting to Django via HTTPS, django.http.HttpRequest.scheme would incorrectly detect client requests made via HTTP as using HTTPS. This entails incorrect results for issecure, and buildabsoluteuri, and that HTTP requests wou...

5.3CVSS0.8AI score0.01697EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2019/03/13 12:0 a.m.91 views

python 3.7 -- multiple vulnerabilities

Python changelog: bpo-37463: ssl.matchhostname no longer accepts IPv4 addresses with additional text after the address and only quad-dotted notation without trailing whitespaces. Some inetaton implementations ignore whitespace and all data after whitespace, e.g.'127.0.0.1 whatever'. bpo-35907:...

9.1CVSS0.8AI score0.11844EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2017/12/07 12:0 a.m.91 views

OpenSSL -- multiple vulnerabilities

The OpenSSL project reports: Read/write after SSL object in error state CVE-2017-3737 OpenSSL 1.0.2 starting from version 1.0.2b introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediate...

5.9CVSS6.6AI score0.78675EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2016/01/08 12:0 a.m.91 views

activemq -- Unsafe deserialization

Alvaro Muatoz, Matthias Kaiser and Christian Schneider reports: JMS Object messages depends on Java Serialization for marshaling/unmashaling of the message payload. There are a couple of places inside the broker where deserialization can occur, like web console or stomp object message...

9.8CVSS8.7AI score0.38191EPSS
Exploits4References1
FreeBSD
FreeBSD
added 2015/03/18 12:0 a.m.91 views

libzip -- integer overflow

libzip developers report: Avoid integer overflow. Fixed similarly to patch used in PHP copy of libzip...

7.5CVSS7.9AI score0.27869EPSS
Exploits1References3
Total number of security vulnerabilities5000