Lucene search
K
FreebsdMost viewed

6583 matches found

FreeBSD
FreeBSD
added 2005/03/29 12:0 a.m.36 views

sylpheed -- MIME-encoded file name buffer overflow vulnerability

Sylpheed is vulnerable to a buffer overflow when displaying emails with attachments that have MIME-encoded file names. This could be used by a remote attacker to crash sylpheed potentially allowing execution of arbitrary code with the permissions of the user running sylpheed...

5.1CVSS7.4AI score0.01827EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/02/09 12:0 a.m.36 views

xview -- multiple buffer overflows in xv_parse_one

A Debian Security Advisory reports: Erik Sjölund discovered that programs linked against xview are vulnerable to a number of buffer overflows in the XView library. When the overflow is triggered in a program which is installed setuid root a malicious user could perhaps execute arbitrary code as...

7.2CVSS7.4AI score0.00448EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2005/01/05 12:0 a.m.36 views

exim -- two buffer overflow vulnerabilities

The function hostaton can overflow a buffer if it is presented with an illegal IPv6 address that has more than 8 components. 2. The second report described a buffer overflow in the function spabase64tobits, which is part of the code for SPA authentication...

6.9AI score
Exploits0References2
FreeBSD
FreeBSD
added 2004/12/10 12:0 a.m.36 views

mplayer -- multiple vulnerabilities

iDEFENSE and the MPlayer Team have found multiple vulnerabilities in MPlayer: Potential heap overflow in Real RTSP streaming code Potential stack overflow in MMST streaming code Multiple buffer overflows in BMP demuxer Potential heap overflow in pnm streaming code Potential buffer overflow in...

10CVSS3.6AI score0.05178EPSS
Exploits0References8
FreeBSD
FreeBSD
added 2004/11/08 12:0 a.m.36 views

isc-dhcpd -- format string vulnerabilities

The ISC DHCP programs are vulnerable to several format string vulnerabilities which may allow a remote attacker to execute arbitrary code with the permissions of the DHCP programs, typically root for the DHCP server...

10CVSS7.4AI score0.07968EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/10/14 12:0 a.m.36 views

acroread5 -- mailListIsPdf() buffer overflow vulnerability

An iDEFENSE Security Advisory reports: Remote exploitation of a buffer overflow in version 5.09 of Adobe Acrobat Reader for Unix could allow for execution of arbitrary code. The vulnerability specifically exists in a the function mailListIsPdf. This function checks if the input file is an email...

10CVSS3.3AI score0.08272EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2004/10/02 12:0 a.m.36 views

mpg123 -- buffer overflow in URL handling

Carlos Barros reports that mpg123 contains two buffer overflows. These vulnerabilities can potentially lead to execution of arbitrary code. The first buffer overflow can occur when mpg123 parses a URL with a user-name/password field that is more than 256 characters long. This problem can be...

10CVSS7.1AI score0.06527EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/09/30 12:0 a.m.36 views

Boundary checking errors in syscons

The syscons CONSSCRSHOT ioctl2 does insufficient validation of its input arguments. In particular, negative coordinates or large coordinates may cause unexpected behavior. It may be possible to cause the CONSSCRSHOT ioctl to return portions of kernel memory. Such memory might contain sensitive...

4.6CVSS5.9AI score0.00422EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/09/15 12:0 a.m.36 views

apache -- apr_uri_parse IPv6 address handling vulnerability

The Apache Software Foundation Security Team discovered a programming error in the apr-util library function apruriparse. When parsing IPv6 literal addresses, it is possible that a length is incorrectly calculated to be negative, and this value is passed to memcpy. This may result in an exploitab...

5CVSS6.4AI score0.21769EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/05/12 12:0 a.m.36 views

URI handler vulnerabilities in several browsers

Karol Wiesek and Greg MacManus reported via iDEFENSE that the Opera web browser contains a flaw in the handling of certain URIs. When presented with these URIs, Opera would invoke external commands to process them after some validation. However, if the hostname component of a URI begins with a -'...

7.5CVSS6.5AI score0.07778EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2004/05/05 12:0 a.m.36 views

heimdal kadmind remote heap buffer overflow

An input validation error was discovered in the kadmind code that handles the framing of Kerberos 4 compatibility administration requests. The code assumed that the length given in the framing was always two or more bytes. Smaller lengths will cause kadmind to read an arbitrary amount of data int...

10CVSS7.1AI score0.07159EPSS
Exploits0
FreeBSD
FreeBSD
added 2004/03/24 12:0 a.m.36 views

Buffer overflows and format string bugs in Emil

Ulf Härnhammar reports multiple buffer overflows in Emil, some of which are triggered during the parsing of attachment filenames. In addition, some format string bugs are present in the error reporting code. Depending upon local configuration, these vulnerabilities may be exploited using speciall...

7.5CVSS7.3AI score0.04146EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2004/02/17 12:0 a.m.36 views

file disclosure in phpMyAdmin

Lack of proper input validation in phpMyAdmin may allow an attacker to obtain the contents of any file on the target system that is readable by the web server...

5CVSS6.2AI score0.09332EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2024/11/08 12:0 a.m.35 views

electron32 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-10230. Security: backported fix for CVE-2024-10231. Security: backported fix for CVE-2024-10229. Security: backported fix for CVE-2024-10487...

8.8CVSS7.4AI score0.00653EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2024/09/24 12:0 a.m.35 views

expat -- multiple vulnerabilities

libexpat reports: CVE-2024-45490: Calling function XMLParseBuffer with len 0 without noticing and then calling XMLGetBuffer will have XMLParseBuffer fail to recognize the problem and XMLGetBuffer corrupt memory. With the fix, XMLParseBuffer now complains with error XMLERRORINVALIDARGUMENT just li...

9.8CVSS7.1AI score0.01686EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/03/05 12:0 a.m.35 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 3 security fixes: 325893559 High CVE-2024-2173: Out of bounds memory access in V8. Reported by 5fceb6172bbf7e2c5a948183b53565b9 on 2024-02-19 325866363 High CVE-2024-2174: Inappropriate implementation in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be...

8.8CVSS7.7AI score0.13556EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2024/01/16 12:0 a.m.35 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 4 security fixes: 1515930 High CVE-2024-0517: Out of bounds write in V8. Reported by Toan suto Pham of Qrious Secure on 2024-01-06 1507412 High CVE-2024-0518: Type Confusion in V8. Reported by Ganjiang Zhou@refrainareu of ChaMd5-H1 team on 2023-12-03...

8.8CVSS7.5AI score0.21697EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2023/11/20 12:0 a.m.35 views

strongSwan -- vulnerability in charon-tkm

strongSwan reports: A vulnerability in charon-tkm related to processing DH public values was discovered in strongSwan that can result in a buffer overflow and potentially remote code execution. All versions since 5.3.0 are affected...

9.8CVSS8.3AI score0.0229EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/10/31 12:0 a.m.35 views

Gitlab -- Vulnerabilities

Gitlab reports: Disclosure of CI/CD variables using Custom project templates GitLab omnibus DoS crash via OOM with CI Catalogs Parsing gitlab-ci.yml with large string via timeout input leads to Denial of Service DoS - Blocking FIFO files in Tar archives Titles exposed by service-desk template...

8.5CVSS5.9AI score0.00643EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2023/10/25 12:0 a.m.35 views

xorg-server -- Multiple vulnerabilities

The X.Org project reports: ZDI-CAN-22153/CVE-2023-5367: X.Org server: OOB write in XIChangeDeviceProperty/RRChangeOutputProperty When prepending values to an existing property an invalid offset calculation causes the existing values to be appended at the wrong offset. The resulting memcpy would...

7.8CVSS7.3AI score0.00715EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/02/07 12:0 a.m.35 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 15 security fixes, including: 1402270 High CVE-2023-0696: Type Confusion in V8. Reported by Haein Lee at KAIST Hacking Lab on 2022-12-18 1341541 High CVE-2023-0697: Inappropriate implementation in Full screen mode. Reported by Ahmed ElMasry on...

8.8CVSS8.5AI score0.00883EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/01/25 12:0 a.m.35 views

Grafana -- Spoofing originalUrl of snapshots

Grafana Labs reports: A third-party penetration test of Grafana found a vulnerability in the snapshot functionality. The value of the originalUrl parameter is automatically generated. The purpose of the presented originalUrl parameter is to provide a user who views the snapshot with the possibili...

6.7CVSS1.4AI score0.00828EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/11/28 12:0 a.m.35 views

emacs -- arbitary shell command execution vulnerability of ctags

lu4nx reports: GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags " command suggeste...

7.8CVSS7.8AI score0.00635EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/11/15 12:0 a.m.35 views

FreeBSD -- Multiple vulnerabilities in Heimdal

Problem Description: Multiple security vulnerabilities have been discovered in the Heimdal implementation of the Kerberos 5 network authentication protocols and KDC. CVE-2022-42898 PAC parse integer overflows CVE-2022-3437 Overflows and non-constant time leaks in DES,3 and arcfour CVE-2021-44758...

9.8CVSS8.5AI score0.06419EPSS
Exploits1
FreeBSD
FreeBSD
added 2022/05/11 12:0 a.m.35 views

PostgreSQL Server -- execute arbitrary SQL code as DBA user

The PostgreSQL project reports: Confine additional operations within "security restricted operation" sandboxes. Autovacuum, CLUSTER, CREATE INDEX, REINDEX, REFRESH MATERIALIZED VIEW, and pgamcheck activated the "security restricted operation" protection mechanism too late, or even not at all in...

8.8CVSS2.5AI score0.12403EPSS
Exploits0
FreeBSD
FreeBSD
added 2022/04/26 12:0 a.m.35 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 30 security fixes, including: 1313905 High CVE-2022-1477: Use after free in Vulkan. Reported by SeongHwan Park SeHwa on 2022-04-06 1299261 High CVE-2022-1478: Use after free in SwiftShader. Reported by SeongHwan Park SeHwa on 2022-02-20 1305190 High...

8.8CVSS0.2AI score0.0105EPSS
Exploits23References1
FreeBSD
FreeBSD
added 2022/04/12 12:0 a.m.35 views

Ruby -- Double free in Regexp compilation

piao reports: Due to a bug in the Regexp compilation process, creating a Regexp object with a crafted source string could cause the same memory to be freed twice. This is known as a "double free" vulnerability. Note that, in general, it is considered unsafe to create and use a Regexp object...

9.8CVSS1.3AI score0.02744EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/04/07 12:0 a.m.35 views

zgrep -- arbitrary file write

RedHat reports: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to...

8.8CVSS2.7AI score0.04271EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/03/15 12:0 a.m.35 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 11 security fixes, including: 1299422 Critical CVE-2022-0971: Use after free in Blink Layout. Reported by Sergei Glazunov of Google Project Zero on 2022-02-21 1301320 High CVE-2022-0972: Use after free in Extensions. Reported by Sergei Glazunov of...

9.6CVSS0.1AI score0.01089EPSS
Exploits10References1
FreeBSD
FreeBSD
added 2022/03/10 12:0 a.m.35 views

openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins

David Sommerseth reports: OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials...

9.8CVSS4.1AI score0.03519EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2022/02/12 12:0 a.m.35 views

MariaDB -- Multiple vulnerabilities

MariaDB reports: MariaDB reports 5 vulnerabilities in supported versions resulting from fuzzing tests...

5.5CVSS3.1AI score0.00403EPSS
Exploits5References4
FreeBSD
FreeBSD
added 2021/12/27 12:0 a.m.35 views

minio -- User privilege escalation

minio developers report: AddUser API endpoint was exposed to a legacy behavior. i.e it accepts a "policy" field This API is mainly used to create a user or update a user's password. However, a malicious client can hand-craft an HTTP API call that allows for updating Policy for a user and gaining...

8.8CVSS1.9AI score0.35462EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2021/06/25 12:0 a.m.35 views

Ansible -- Ansible user credentials disclosure in ansible-connection module

Red Hat reports: A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality...

5.5CVSS1.1AI score0.00384EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2021/04/22 12:0 a.m.35 views

go -- net/http: ReadRequest can stack overflow due to recursion with very large headers

The Go project reports: http.ReadRequest can stack overflow due to recursion when given a request with a very large header 8-10MB depending on the architecture. A http.Server which overrides the default max header of 1MB by setting Server.MaxHeaderBytes to a much larger value could also be...

5.9CVSS3AI score0.03692EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2021/03/31 12:0 a.m.35 views

curl -- TLS 1.3 session ticket proxy host mixup

Daniel Stenberg reports: Enabled by default, libcurl supports the use of TLS 1.3 session tickets to resume previous TLS sessions to speed up subsequent TLS handshakes. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arriv...

4.3CVSS5.8AI score0.03141EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2021/02/26 12:0 a.m.35 views

vault -- unauthenticated license read

vault developers report: Limited Unauthenticated License Read: We addressed a security vulnerability that allowed for the unauthenticated reading of Vault licenses from DR Secondaries...

5.3CVSS3.8AI score0.01043EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2020/11/20 12:0 a.m.35 views

mutt -- authentication credentials being sent over an unencrypted connection

Kevin J. McCarthy reports: Mutt had incorrect error handling when initially connecting to an IMAP server, which could result in an attempt to authenticate without enabling TLS...

5.3CVSS1.6AI score0.02323EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2020/11/09 12:0 a.m.35 views

go -- math/big: panic during recursive division of very large numbers; cmd/go: arbitrary code execution at build time through cgo

The Go project reports: A number of math/big.Int methods Div, Exp, DivMod, Quo, Rem, QuoRem, Mod, ModInverse, ModSqrt, Jacobi, and GCD can panic when provided crafted large inputs. For the panic to happen, the divisor or modulo argument must be larger than 3168 bits on 32-bit architectures or 633...

7.5CVSS7.7AI score0.03813EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2020/11/02 12:0 a.m.35 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 10 security fixes, including: 1138911 High CVE-2020-16004: Use after free in user interface. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-10-15 1139398 High CVE-2020-16005: Insufficient policy enforcement in...

9.6CVSS0.7AI score0.48574EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2020/07/31 12:0 a.m.35 views

xorg-server -- Pixel Data Uninitialized Memory Information Disclosure

The X.org project reports: Allocation for pixmap data in AllocatePixmap does not initialize the memory in xserver, it leads to leak uninitialize heap memory to clients. When the X server runs with elevated privileges. This flaw can lead to ASLR bypass, which when combined with other flaws...

5.5CVSS3AI score0.00388EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2020/06/08 12:0 a.m.35 views

LibreOffice Security Advisory

LibreOffice reports: Two flaws were found in LibreOffice: CVE-2020-12802: remote graphics contained in docx format retrieved in 'stealth mode' CVE-2020-12803: XForms submissions could overwrite local files...

6.5CVSS2.3AI score0.01944EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2020/04/14 12:0 a.m.35 views

Mbed TLS -- Side channel attack on ECDSA

Manuel Pégourié-Gonnard reports: An attacker with access to precise enough timing and memory access information typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world can fully recover an ECDSA private key after observing a number of signature...

4.7CVSS2AI score0.00247EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2020/04/09 12:0 a.m.35 views

dbus file descriptor leak

GitHub Security Lab reports: D-Bus has a file descriptor leak, which can lead to denial of service when the dbus-daemon runs out of file descriptors. An unprivileged local attacker can use this to attack the system dbus-daemon, leading to denial of service for all users of the machine...

5.5CVSS3.1AI score0.00569EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2020/02/12 12:0 a.m.35 views

ansible - Vault password leak from temporary file

Borja Tarraso reports: A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file...

4.7CVSS0.9AI score0.00374EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2020/02/05 12:0 a.m.35 views

clamav -- Denial-of-Service (DoS) vulnerability

Micah Snyder reports: A denial-of-service DoS condition may occur when using the optional credit card data-loss-prevention DLP feature. Improper bounds checking of an unsigned variable resulted in an out-of-bounds read, which causes a crash...

7.5CVSS1.3AI score0.02604EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2020/01/13 12:0 a.m.35 views

Gitlab -- Private objects exposed through project import

Gitlab reports: Private objects exposed through project importi...

5.3CVSS1.4AI score0.00929EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2019/12/10 12:0 a.m.35 views

dovecot -- null pointer deref in notify with empty headers

Aki Tuomi reports Mail with group address as sender will cause a signal 11 crash in push notification drivers. Group address as recipient can cause crash in some drivers...

5.3CVSS1.3AI score0.02476EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2019/10/12 12:0 a.m.35 views

cacti -- multiple vulnerabilities

The cacti developers reports: When viewing graphs, some input variables are not properly checked SQL injection possible. Multiple instances of lib/functions.php are affected by unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence...

4.1AI score
Exploits0References1
FreeBSD
FreeBSD
added 2019/09/25 12:0 a.m.35 views

go -- invalid headers are normalized, allowing request smuggling

The Go project reports: net/http through net/textproto used to accept and normalize invalid HTTP/1.1 headers with a space before the colon, in violation of RFC 7230. If a Go server is used behind a reverse proxy that accepts and forwards but doesn't normalize such invalid headers, the reverse pro...

7.5CVSS1.4AI score0.05157EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2019/09/24 12:0 a.m.35 views

Pillow -- Allocation of resources without limits or throttling

Mitre reports: An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image...

7.5CVSS3.3AI score0.03154EPSS
Exploits0References1
Total number of security vulnerabilities5000