Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
•added 2021/01/13 12:0 a.m.•36 views

go -- cmd/go: packages using cgo can cause arbitrary code execution at build time; crypto/elliptic: incorrect operations on the P-224 curve

The Go project reports: The go command may execute arbitrary code at build time when cgo is in use on Windows. This may occur when running "go get", or any other command that builds code. Only users who build untrusted code and don't execute it are affected. In addition to Windows users, this can...

8.1AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2020/12/01 12:0 a.m.•36 views

xorg-server -- Multiple input validation failures in X server XKB extension

The X.org project reports: These issues can lead to privileges elevations for authorized clients on systems where the X server is running privileged. Insufficient checks on the lengths of the XkbSetMap request can lead to out of bounds memory accesses in the X server. Insufficient checks on input...

7.8CVSS2.4AI score0.00393EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/10/06 12:0 a.m.•36 views

chromium -- multiple vulnerabilities

Chrome releases reports: This release contains 35 security fixes, including: 1127322 Critical CVE-2020-15967: Use after free in payments. Reported by Man Yue Mo of GitHub Security Lab on 2020-09-11 1126424 High CVE-2020-15968: Use after free in Blink. Reported by Anonymous on 2020-09-09 1124659...

8.8CVSS1AI score0.02553EPSS
Exploits4References1
FreeBSD
FreeBSD
•added 2020/09/02 12:0 a.m.•36 views

FreeBSD -- SCTP socket use-after-free bug

Problem Description: Due to improper handling in the kernel, a use-after-free bug can be triggered by sending large user messages from multiple threads on the same socket. Impact: Triggering the use-after-free situation may result in unintended kernel behaviour including a kernel panic...

5.5CVSS0.1AI score0.00399EPSS
Exploits0
FreeBSD
FreeBSD
•added 2020/09/01 12:0 a.m.•36 views

Mbed TLS -- Local side channel attack on classical CBC decryption in (D)TLS

Manuel Pégourié-Gonnard reports: When decrypting/authenticating DTLS record in a connection using a CBC ciphersuite without the Encrypt-then-Mac extension RFC 7366, Mbed TLS used dummy rounds of the compression function associated with the hash used for HMAC in order to hide the length of the...

5.5CVSS2.8AI score0.00368EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/07/27 12:0 a.m.•36 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update contains 8 security fixes, including: 1105318 High CVE-2020-6537: Type Confusion in V8. Reported by Alphalaab on 2020-07-14 1096677 High CVE-2020-6538: Inappropriate implementation in WebView. Reported by Yongke Wang@Rudykewang and Aryb1n@aryb1n of Tencent...

8.8CVSS8.7AI score0.22868EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/04/20 12:0 a.m.•36 views

malicious URLs can cause git to send a stored credential to wrong server

git security advisory reports: Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that are considered illegal as of the recently published Git versions can cause Git to se...

7.5CVSS2AI score0.03899EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/04/14 12:0 a.m.•36 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: NuGet Package and File Disclosure through GitLab Workhorse Job Artifact Uploads and File Disclosure through GitLab Workhorse Incorrect membership following group removal Logging of Praefect tokens Update Rack dependency Update OpenSSL dependency...

7.5CVSS2.9AI score0.01174EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/03/31 12:0 a.m.•36 views

GnuTLS -- flaw in DTLS protocol implementation

The GnuTLS project reports: It was found that GnuTLS 3.6.3 introduced a regression in the DTLS protocol implementation. This caused the DTLS client to not contribute any randomness to the DTLS negotiation breaking the security guarantees of the DTLS protocol...

7.4CVSS3AI score0.03388EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/03/30 12:0 a.m.•36 views

glpi -- weak csrf tokens

MITRE Corporation reports: In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version 9.4.6...

9.3CVSS3.7AI score0.00782EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2020/03/19 12:0 a.m.•36 views

FreeBSD -- Incorrect user-controlled pointer use in epair

Problem Description: Incorrect use of a potentially user-controlled pointer in the kernel allowed vnet jailed users to panic the system and potentially execute aribitrary code in the kernel. Impact: Users with root level access or the PRIVNETIFCREATE privilege can panic the system, or potentially...

9.1CVSS6.4AI score0.01834EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/12/10 12:0 a.m.•36 views

dovecot -- null pointer deref in notify with empty headers

Aki Tuomi reports Mail with group address as sender will cause a signal 11 crash in push notification drivers. Group address as recipient can cause crash in some drivers...

5.3CVSS1.3AI score0.02476EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/12/10 12:0 a.m.•36 views

samba -- multiple vulnerabilities

The Samba Team reports: CVE-2019-14861: An authenticated user can crash the DCE/RPC DNS management server by creating records with matching the zone name. CVE-2019-14870: The DelegationNotAllowed Kerberos feature restriction was not being applied when processing protocol transition requests...

6.4CVSS2.8AI score0.02783EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/10/12 12:0 a.m.•36 views

cacti -- multiple vulnerabilities

The cacti developers reports: When viewing graphs, some input variables are not properly checked SQL injection possible. Multiple instances of lib/functions.php are affected by unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence...

4.1AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/09/25 12:0 a.m.•36 views

go -- invalid headers are normalized, allowing request smuggling

The Go project reports: net/http through net/textproto used to accept and normalize invalid HTTP/1.1 headers with a space before the colon, in violation of RFC 7230. If a Go server is used behind a reverse proxy that accepts and forwards but doesn't normalize such invalid headers, the reverse pro...

7.5CVSS1.4AI score0.05157EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/07 12:0 a.m.•36 views

asterisk -- Remote Crash Vulnerability in audio transcoding

The Asterisk project reports: When audio frames are given to the audio transcoding support in Asterisk the number of samples are examined and as part of this a message is output to indicate that no samples are present. A change was done to suppress this message for a particular scenario in which...

7.5CVSS0.9AI score0.21924EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/06 12:0 a.m.•36 views

FreeBSD -- Multiple vulnerabilities in bzip2

Problem Description: The decompressor used in bzip2 contains a bug which can lead to an out-of-bounds write when processing a specially crafted bzip21 file. bzip2recover contains a heap use-after-free bug which can be triggered when processing a specially crafted bzip21 file. Impact: An attacker...

1.6AI score
Exploits0
FreeBSD
FreeBSD
•added 2019/05/08 12:0 a.m.•36 views

drupal -- Drupal core - Moderately critical

Drupal Security Team reports: CVE-2019-11831: By-passing protection of Phar Stream Wrapper Interceptor. In order to intercept file invocations like fileexists or stat on compromised Phar archives the base name has to be determined and checked before allowing to be handled by PHP Phar stream...

9.8CVSS0.7AI score0.05586EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/12/01 12:0 a.m.•36 views

couchdb -- administrator privilege escalation

Apache CouchDB PMC reports: Database Administrator could achieve privilege escalation to the account that CouchDB runs under, by abusing insufficient validation in the HTTP API, escaping security controls implemented in previous releases...

7.2CVSS1.9AI score0.03228EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/06/11 12:0 a.m.•36 views

asterisk -- PJSIP endpoint presence disclosure when using ACL

The Asterisk project reports: When endpoint specific ACL rules block a SIP request they respond with a 403 forbidden. However, if an endpoint is not identified then a 401 unauthorized response is sent. This vulnerability just discloses which requests hit a defined endpoint. The ACL rules cannot b...

1.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/16 12:0 a.m.•36 views

patch -- multiple vulnerabilities

NVD reports: An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuitdifftype function in pch.c, aka a "mangled rename" issue. A double free exists in the anotherhunk function in pch...

9.3CVSS7.3AI score0.08585EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2018/04/14 12:0 a.m.•36 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 4 security fixes in this release: 835887 Critical: Chain leading to sandbox escape. Reported by Anonymous on 2018-04-23 836858 High CVE-2018-6121: Privilege Escalation in extensions 836141 High CVE-2018-6122: Type confusion in V8 833721 High CVE-2018-6120: Heap...

8.8CVSS1.6AI score0.02422EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/14 12:0 a.m.•36 views

perl -- multiple vulnerabilities

perldelta: CVE-2018-6797: heap-buffer-overflow WRITE of size 1 in Sregatom regcomp.c A crafted regular expression could cause a heap buffer write overflow, with control over the bytes written. perl 132227 CVE-2018-6798: Heap-buffer-overflow in Perlbytedumpstring utf8.c Matching a crafted locale...

9.8CVSS1.5AI score0.10866EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2018/04/12 12:0 a.m.•36 views

chromium -- vulnerability

Google Chrome Releases reports: 3 security fixes in this release: 831963 Critical CVE-2018-6118: Use after free in Media Cache. Reported by Ned Williamson on 2018-04-12 837635 Various fixes from internal audits, fuzzing and other initiatives...

8.8CVSS2AI score0.01495EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/03/16 12:0 a.m.•36 views

SQLite -- Corrupt DB can cause a NULL pointer dereference

MITRE reports: SQLite databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c...

7.5CVSS1.1AI score0.08186EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/12/08 12:0 a.m.•36 views

OpenJPEG -- integer overflow

NVD reports: In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opjt1encodecblks function openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...

6.5CVSS5.7AI score0.01894EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2017/10/05 12:0 a.m.•36 views

mercurial -- multiple issues

mercurial developers reports: Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...

8.7AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2017/08/08 12:0 a.m.•36 views

Flash Player -- multiple vulnerabilities

Adobe reports: These updates resolve security bypass vulnerability that could lead to information disclosure CVE-2017-3085. These updates resolve type confusion vulnerability that could lead to remote code execution CVE-2017-3106...

9.3CVSS8.4AI score0.22311EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2017/07/24 12:0 a.m.•36 views

webkit2-gtk3 -- multiple vulnerabilities

The Webkit gtk team reports: Please reference CVE/URL list for details...

9.3CVSS1.7AI score0.095EPSS
Exploits49References1
FreeBSD
FreeBSD
•added 2017/06/21 12:0 a.m.•36 views

poppler -- multiple denial of service issues

Poppler developers report: Poppler is prone to a stack-based buffer-overflow vulnerability. Successful exploits may allow attackers to crash the affected application, resulting in denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has n...

6.4AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/05/09 12:0 a.m.•36 views

miniupnpc -- integer signedness error

Tintinweb reports: An integer signedness error was found in miniupnp's miniwget allowing an unauthenticated remote entity typically located on the local network segment to trigger a heap corruption or an access violation in miniupnp's http response parser when processing a specially crafted...

9.8CVSS0.8AI score0.24027EPSS
Exploits6References1
FreeBSD
FreeBSD
•added 2017/01/03 12:0 a.m.•36 views

icoutils -- check_offset overflow on 64-bit systems

Choongwoo Han reports: An exploitable crash exists in the wrestool utility on 64-bit systems where the result of subtracting two pointers exceeds the size of int...

8.2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2016/11/17 12:0 a.m.•36 views

hdf5 -- multiple vulnerabilities

Talos Security reports: CVE-2016-4330 TALOS-2016-0176 - HDF5 Group libhdf5 H5TARRAY Code Execution Vulnerability CVE-2016-4331 TALOS-2016-0177 - HDF5 Group libhdf5 H5ZNBIT Code Execution Vulnerability CVE-2016-4332 TALOS-2016-0178 - HDF5 Group libhdf5 Shareable Message Type Code Execution...

8.6CVSS1.9AI score0.00812EPSS
Exploits8References1
FreeBSD
FreeBSD
•added 2016/11/16 12:0 a.m.•36 views

Drupal Code -- Multiple Vulnerabilities

The Drupal development team reports: Inconsistent name for term access query Less critical - Drupal 7 and Drupal 8 Drupal provides a mechanism to alter database SELECT queries before they are executed. Contributed and custom modules may use this mechanism to restrict access to certain entities by...

0.4AI score
Exploits0
FreeBSD
FreeBSD
•added 2016/11/01 12:0 a.m.•36 views

chromium -- out-of-bounds memory access

Google Chrome Releases reports: 659475 High CVE-2016-5198: Out of bounds memory access in V8. Credit to Tencent Keen Security Lab, working with Trend Micro's Zero Day Initiative...

8.8CVSS1.6AI score0.34703EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2016/09/26 12:0 a.m.•36 views

django -- CSRF protection bypass on a site with Google Analytics

Django Software Foundation reports: An interaction between Google Analytics and Django's cookie parsing could allow an attacker to set arbitrary cookies leading to a bypass of CSRF protection...

7.5CVSS5.6AI score0.0613EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2016/09/06 12:0 a.m.•36 views

Pillow -- multiple vulnerabilities

Pillow reports: Pillow prior to 3.3.2 may experience integer overflow errors in map.c when reading specially crafted image files. This may lead to memory disclosure or corruption. Pillow prior to 3.3.2 and PIL 1.1.7 at least do not check for negative image sizes in ImagingNew in Storage.c. A...

5.5CVSS3.2AI score0.01861EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2016/07/18 12:0 a.m.•36 views

bind -- denial of service vulnerability

ISC reports: A query name which is too long can cause a segmentation fault in lwresd...

5.9CVSS2.9AI score0.63346EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/06/07 12:0 a.m.•36 views

wireshark -- multiple vulnerabilities

Wireshark development team reports: The following vulnerabilities have been fixed: wnpa-sec-2016-29 The SPOOLS dissector could go into an infinite loop. Discovered by the CESG. wnpa-sec-2016-30 The IEEE 802.11 dissector could crash. Bug 11585 wnpa-sec-2016-31 The IEEE 802.11 dissector could crash...

7.5CVSS1.4AI score0.02776EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2016/05/11 12:0 a.m.•36 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description SECURITY-170 / CVE-2016-3721 Arbitrary build parameters are passed to build scripts as environment variables SECURITY-243 / CVE-2016-3722 Malicious users with multiple user accounts can prevent other users from logging in SECURITY-250 / CVE-2016-3723...

7.4CVSS3.1AI score0.02388EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2016/03/20 12:0 a.m.•36 views

tiff -- denial of service

Aladdin Mubaied reports: Buffer-overflow in gif2tiff utility...

6.2CVSS2.9AI score0.02492EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2016/01/26 12:0 a.m.•36 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: MFSA 2016-01 Miscellaneous memory safety hazards rv:44.0 / rv:38.6 MFSA 2016-02 Out of Memory crash when parsing GIF format images MFSA 2016-03 Buffer overflow in WebGL after out of memory allocation MFSA 2016-04 Firefox allows for control characters to be set in cooki...

10CVSS8.4AI score0.05992EPSS
Exploits0References8
FreeBSD
FreeBSD
•added 2016/01/05 12:0 a.m.•36 views

isc-dhcpd -- Denial of Service

ISC reports: A badly formed packet with an invalid IPv4 UDP length field can cause a DHCP server, client, or relay program to terminate abnormally...

6.5CVSS6.6AI score0.7645EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/10 12:0 a.m.•36 views

hostapd and wpa_supplicant -- multiple vulnerabilities

Jouni Malinen reports: wpasupplicant unauthorized WNM Sleep Mode GTK control. 2015-6 - CVE-2015-5310 EAP-pwd missing last fragment length validation. 2015-7 - CVE-2015-5315 EAP-pwd peer error path failure on unexpected Confirm message. 2015-8 - CVE-2015-5316...

5.9CVSS5.9AI score0.03249EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/10/29 12:0 a.m.•36 views

xen-kernel -- Long latency populate-on-demand operation is not preemptible

The Xen Project reports: When running an HVM domain in Populate-on-Demand mode, Xen would sometimes search the domain for memory to reclaim, in response to demands for population of other pages in the same domain. This search runs without preemption. The guest can, by suitable arrangement of its...

4.9CVSS7.3AI score0.00436EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/01 12:0 a.m.•36 views

VirtualBox -- undisclosed vulnerabilities

Oracle reports reports: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when using a Windows guest, allows local users to affect availability via unknown vectors related to Core. Unspecified...

6.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/08/10 12:0 a.m.•36 views

mediawiki -- multiple vulnerabilities

MediaWiki reports: Internal review discovered that Special:DeletedContributions did not properly protect the IP of autoblocked users. This fix makes the functionality of Special:DeletedContributions consistent with Special:Contributions and Special:BlockList. Internal review discovered that...

7.5CVSS6.3AI score0.02747EPSS
Exploits0References5
FreeBSD
FreeBSD
•added 2015/08/03 12:0 a.m.•36 views

Botan BER Decoder vulnerabilities

The botan developers reports: Excess memory allocation in BER decoder - The BER decoder would allocate a fairly arbitrary amount of memory in a length field, even if there was no chance the read request would succeed. This might cause the process to run out of memory or invoke the OOM killer. Cra...

8.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/08/03 12:0 a.m.•36 views

qemu, xen-tools -- QEMU leak of uninitialized heap memory in rtl8139 device model

The Xen Project reports: The QEMU model of the RTL8139 network card did not sufficiently validate inputs in the C+ mode offload emulation. This results in uninitialized memory from the QEMU process's heap being leaked to the domain as well as to the network. A guest may be able to read sensitive...

9.3CVSS6.7AI score0.13288EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/07/10 12:0 a.m.•36 views

Adobe Flash Player -- critical vulnerabilities

Adobe reports: Critical vulnerabilities CVE-2015-5122, CVE-2015-5123 have been identified. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. Adobe is aware of reports that exploits targeting these vulnerabilities have been...

10CVSS6.7AI score0.93688EPSS
Exploits5References1
Total number of security vulnerabilities5000