Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
•added 2020/11/02 12:0 a.m.•35 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 10 security fixes, including: 1138911 High CVE-2020-16004: Use after free in user interface. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-10-15 1139398 High CVE-2020-16005: Insufficient policy enforcement in...

9.6CVSS0.7AI score0.48574EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2020/07/31 12:0 a.m.•35 views

xorg-server -- Pixel Data Uninitialized Memory Information Disclosure

The X.org project reports: Allocation for pixmap data in AllocatePixmap does not initialize the memory in xserver, it leads to leak uninitialize heap memory to clients. When the X server runs with elevated privileges. This flaw can lead to ASLR bypass, which when combined with other flaws...

5.5CVSS3AI score0.00388EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/06/08 12:0 a.m.•35 views

LibreOffice Security Advisory

LibreOffice reports: Two flaws were found in LibreOffice: CVE-2020-12802: remote graphics contained in docx format retrieved in 'stealth mode' CVE-2020-12803: XForms submissions could overwrite local files...

6.5CVSS2.3AI score0.01944EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2020/04/14 12:0 a.m.•35 views

Mbed TLS -- Side channel attack on ECDSA

Manuel Pégourié-Gonnard reports: An attacker with access to precise enough timing and memory access information typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world can fully recover an ECDSA private key after observing a number of signature...

4.7CVSS2AI score0.00247EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/04/09 12:0 a.m.•35 views

dbus file descriptor leak

GitHub Security Lab reports: D-Bus has a file descriptor leak, which can lead to denial of service when the dbus-daemon runs out of file descriptors. An unprivileged local attacker can use this to attack the system dbus-daemon, leading to denial of service for all users of the machine...

5.5CVSS3.1AI score0.00569EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2020/02/12 12:0 a.m.•35 views

ansible - Vault password leak from temporary file

Borja Tarraso reports: A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file...

4.7CVSS0.9AI score0.00374EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2020/02/05 12:0 a.m.•35 views

clamav -- Denial-of-Service (DoS) vulnerability

Micah Snyder reports: A denial-of-service DoS condition may occur when using the optional credit card data-loss-prevention DLP feature. Improper bounds checking of an unsigned variable resulted in an out-of-bounds read, which causes a crash...

7.5CVSS1.3AI score0.02604EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/01/13 12:0 a.m.•35 views

Gitlab -- Private objects exposed through project import

Gitlab reports: Private objects exposed through project importi...

5.3CVSS1.4AI score0.00929EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/12/10 12:0 a.m.•35 views

dovecot -- null pointer deref in notify with empty headers

Aki Tuomi reports Mail with group address as sender will cause a signal 11 crash in push notification drivers. Group address as recipient can cause crash in some drivers...

5.3CVSS1.3AI score0.02476EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/10/12 12:0 a.m.•35 views

cacti -- multiple vulnerabilities

The cacti developers reports: When viewing graphs, some input variables are not properly checked SQL injection possible. Multiple instances of lib/functions.php are affected by unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence...

4.1AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/09/24 12:0 a.m.•35 views

Pillow -- Allocation of resources without limits or throttling

Mitre reports: An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image...

7.5CVSS3.3AI score0.03154EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/21 12:0 a.m.•35 views

powerdns -- multiple vulnerabilities

PowerDNS Team reports: CVE-2019-10162: An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit whe...

7.5CVSS2.6AI score0.01691EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/05/14 12:0 a.m.•35 views

FreeBSD -- IPv6 fragment reassembly panic in pf(4)

Problem Description: A bug in the pf4 IPv6 fragment reassembly logic incorrectly uses the last extension header offset from the last received packet instead of from the first packet. Impact: Malicious IPv6 packets with different IPv6 extensions could cause a kernel panic or potentially a filterin...

9.1CVSS2.7AI score0.03628EPSS
Exploits1
FreeBSD
FreeBSD
•added 2019/05/09 12:0 a.m.•35 views

Rust -- violation of Rust's safety guarantees

Sean McArthur reports: The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the Error::typeid method is overridden then any type can be safely cast to any other typ...

8.1CVSS2.2AI score0.02216EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/03/20 12:0 a.m.•35 views

drupal -- Drupal core - Moderately critical - Cross Site Scripting

Drupal Security Team reports: Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting XSS vulnerability...

5.4CVSS1.6AI score0.12408EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2019/03/14 12:0 a.m.•35 views

Gitlab -- Vulnerability

Gitlab reports: Public project in a private group makes the group page publicly accessible...

9.8CVSS2AI score0.01692EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/07/15 12:0 a.m.•35 views

mutt -- remote code injection and path traversal vulnerability

Kevin J. McCarthy reports: Fixes a remote code injection vulnerability when "subscribing" to an IMAP mailbox, either via $imapchecksubscribed, or via the function in the browser menu. Mutt was generating a "mailboxes" command and sending that along to the muttrc parser. However, it was not escapi...

9.8CVSS7.3AI score0.06229EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/03/13 12:0 a.m.•35 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList CVE-2018-5128: Use-after-free manipulating editor selection ranges CVE-2018-5129: Out-of-bounds write with malformed IPC messages CVE-2018-5130: Mismatched RTP payload type can trigger memory corruptio...

9.8CVSS9.2AI score0.08024EPSS
Exploits2References2
FreeBSD
FreeBSD
•added 2017/12/17 12:0 a.m.•35 views

rsync -- multiple vulnerabilities

Jeriko One reports: The receivexattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified...

9.8CVSS8.1AI score0.05163EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/09/21 12:0 a.m.•35 views

libvorbis -- two vulnerabilities

Two vulnerabilities were fixed in the upstream repository: The barknoisehybridmp function allows remote attackers to cause a denial of service out-of-bounds access and application crash or possibly have unspecified other impact via a crafted file. mapping0forward does not validate the number of...

7.7AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2017/08/17 12:0 a.m.•35 views

libsoup -- stack based buffer overflow

Tobias Mueller reports: libsoup is susceptible to a stack based buffer overflow attack when using chunked encoding. Regardless of libsoup being used as a server or client...

9.8CVSS9.2AI score0.24337EPSS
Exploits4References1
FreeBSD
FreeBSD
•added 2017/06/15 12:0 a.m.•35 views

rt and dependent modules -- multiple security vulnerabilities

BestPractical reports: Please reference CVE/URL list for details...

8.8CVSS7.4AI score0.03072EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/04/23 12:0 a.m.•35 views

weechat -- multiple vulnerabilities

Common Vulnerabilities and Exposures: WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the ircctcpdccfilenamewithoutquotes function during quote removal, with a buffer overflow...

7.5CVSS4.9AI score0.03107EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/04/01 12:0 a.m.•35 views

tiff -- multiple vulnerabilities

NVD reports: Please reference CVE/URL list for details...

9.8CVSS7.1AI score0.04427EPSS
Exploits8References10
FreeBSD
FreeBSD
•added 2017/03/09 12:0 a.m.•35 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 36 security fixes in this release Please reference CVE/URL list for details...

8.8CVSS7.4AI score0.41603EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2016/11/28 12:0 a.m.•35 views

mozilla -- data: URL can inherit wrong origin after an HTTP redirect

The Mozilla Foundation reports: Redirection from an HTTP connection to a data: URL assigns the referring site's origin to the data: URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has...

8.8CVSS0.2AI score0.01884EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2016/11/22 12:0 a.m.•35 views

xen-tools -- delimiter injection vulnerabilities in pygrub

The Xen Project reports: pygrub, the boot loader emulator, fails to quote or sanity check its results when reporting them to its caller. A malicious guest administrator can obtain the contents of sensitive host files an information leak. Additionally, a malicious guest administrator can cause fil...

7.9CVSS0.5AI score0.00441EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/11/02 12:0 a.m.•35 views

gitlab -- Directory traversal via "import/export" feature

GitLab reports: The import/export feature did not properly check for symbolic links in user-provided archives and therefore it was possible for an authenticated user to retrieve the contents of any file accessible to the GitLab service account. This included sensitive files such as those that...

6.5CVSS3.5AI score0.05388EPSS
Exploits39References1
FreeBSD
FreeBSD
•added 2016/11/01 12:0 a.m.•35 views

chromium -- out-of-bounds memory access

Google Chrome Releases reports: 659475 High CVE-2016-5198: Out of bounds memory access in V8. Credit to Tencent Keen Security Lab, working with Trend Micro's Zero Day Initiative...

8.8CVSS1.6AI score0.34703EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2016/11/01 12:0 a.m.•35 views

BIND -- Remote Denial of Service vulnerability

ISC reports: A defect in BIND's handling of responses containing a DNAME answer can cause a resolver to exit after encountering an assertion failure in db.c or resolver.c...

7.5CVSS6.9AI score0.38733EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/10/04 12:0 a.m.•35 views

X.org libraries -- multiple vulnerabilities

Matthieu Herrb reports: Tobias Stoeckmann from the OpenBSD project has discovered a number of issues in the way various X client libraries handle the responses they receive from servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues. These issue come in...

9.8CVSS2AI score0.04526EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/09/14 12:0 a.m.•35 views

cURL -- Escape and unescape integer overflows

The cURL project reports The four libcurl functions curlescape, curleasyescape, curlunescape and curleasyunescape perform string URL percent escaping and unescaping. They accept custom string length inputs in signed integer arguments. The provided string length arguments were not properly checked...

9.8CVSS0.8AI score0.11737EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/09/13 12:0 a.m.•35 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: Several security fixes in this release, including: 641101 High CVE-2016-5170: Use after free in Blink.Credit to Anonymous 643357 High CVE-2016-5171: Use after free in Blink. Credit to Anonymous 616386 Medium CVE-2016-5172: Arbitrary Memory Read in v8. Credit to...

8.8CVSS1AI score0.0186EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/08/03 12:0 a.m.•35 views

Vulnerabilities in Curl

Curl security team reports: CVE-2016-5419 - TLS session resumption client cert bypass CVE-2016-5420 - Re-using connections with wrong client cert CVE-2016-5421 - use of connection struct after free...

8.1CVSS1.5AI score0.15063EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2016/05/25 12:0 a.m.•35 views

phpmyadmin -- XSS and sensitive data leakage

The phpmyadmin development team reports: Description Because user SQL queries are part of the URL, sensitive information made as part of a user query can be exposed by clicking on external links to attackers monitoring user GET query parameters or included in the webserver logs. Severity We...

1.5AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2016/04/07 12:0 a.m.•35 views

flash -- multiple vulnerabilities

Adobe reports: These updates harden a mitigation against JIT spraying attacks that could be used to bypass memory layout randomization mitigations CVE-2016-1006. These updates resolve type confusion vulnerabilities that could lead to code execution CVE-2016-1015, CVE-2016-1019. These updates...

10CVSS9.1AI score0.25639EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2016/04/05 12:0 a.m.•35 views

go -- remote denial of service

Jason Buberel reports: Go has an infinite loop in several big integer routines that makes Go programs vulnerable to remote denial of service attacks. Programs using HTTPS client authentication or the Go ssh server libraries are both exposed to this vulnerability...

7.5CVSS1.8AI score0.04335EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2016/03/16 12:0 a.m.•35 views

FreeBSD -- Incorrect argument validation in sysarch(2)

Problem Description: A special combination of sysarch2 arguments, specify a request to uninstall a set of descriptors from the LDT. The start descriptor is cleared and the number of descriptors are provided. Due to lack of sufficient bounds checking during argument validity verification, unbound...

6.2CVSS3.6AI score0.01263EPSS
Exploits6
FreeBSD
FreeBSD
•added 2016/03/10 12:0 a.m.•35 views

activemq -- Web Console Clickjacking

Michael Furman reports: The web based administration console does not set the X-Frame-Options header in HTTP responses. This allows the console to be embedded in a frame or iframe which could then be used to cause a user to perform an unintended action in the console...

6.1CVSS6.6AI score0.08323EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/03/02 12:0 a.m.•35 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 560011 High CVE-2016-1630: Same-origin bypass in Blink. 569496 High CVE-2016-1631: Same-origin bypass in Pepper Plugin. 549986 High CVE-2016-1632: Bad cast in Extensions. 572537 High CVE-2016-1633: Use-after-free in Blink. 559292 High CVE-2016-1634: Use-after-free ...

10CVSS2.2AI score0.02451EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2016/02/29 12:0 a.m.•35 views

rails -- multiple vulnerabilities

Ruby on Rails blog: Rails 4.2.5.2, 4.1.14.2, and 3.2.22.2 have been released! These contain the following important security fixes, and it is recommended that users upgrade as soon as possible...

3.4AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2016/02/09 12:0 a.m.•35 views

libgcrypt -- side-channel attack on ECDH

GnuPG reports: Mitigate side-channel attack on ECDH with Weierstrass curves...

2CVSS5.3AI score0.00429EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/01/25 12:0 a.m.•35 views

rails -- multiple vulnerabilities

Ruby on Rails blog: Rails 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, and 3.2.22.1 have been released! These contain important security fixes, and it is recommended that users upgrade as soon as possible...

7.5CVSS6.8AI score0.95537EPSS
Exploits11References7
FreeBSD
FreeBSD
•added 2015/11/30 12:0 a.m.•35 views

qemu and xen-tools -- denial of service vulnerabilities in AMD PC-Net II NIC support

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the AMD PC-Net II Ethernet Controller support is vulnerable to a heap buffer overflow flaw. While receiving packets in the loopback mode, it appends CRC code to the receive buffer. If the data size given is same as...

8AI score
Exploits0References7
FreeBSD
FreeBSD
•added 2015/11/12 12:0 a.m.•35 views

gdm -- lock screen bypass when holding escape key

Ray Strode reports: CVE-2015-7496 - lock screen bypass when holding escape key...

7.2CVSS6.6AI score0.00406EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/10/02 12:0 a.m.•35 views

gdk-pixbuf2 -- head overflow and DoS

reports: We found a heap overflow and a DoS in the gdk-pixbuf implementation triggered by the scaling of tga file. We found a heap overflow in the gdk-pixbuf implementation triggered by the scaling of gif file...

6.8CVSS7.7AI score0.05796EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2015/09/26 12:0 a.m.•35 views

unzip -- multiple vulnerabilities

Gustavo Grieco reports: Two issues were found in unzip 6.0: A heap overflow triggered by unzipping a file with password e.g unzip -p -P x sigsegv.zip. A denegation of service with a file that never finishes unzipping e.g. unzip sigxcpu.zip...

6.8CVSS6.5AI score0.07184EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/09/22 12:0 a.m.•35 views

libvpx -- buffer overflow in vp9_init_context_buffers

The Mozilla Project reports: Security researcher Khalil Zhani reported that a maliciously crafted vp9 format video could be used to trigger a buffer overflow while parsing the file. This leads to a potentially exploitable crash due to a flaw in the libvpx library...

6.8CVSS9.4AI score0.04925EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/08/20 12:0 a.m.•35 views

vlc -- arbitrary pointer dereference vulnerability

oCERT reports: The stable VLC version suffers from an arbitrary pointer dereference vulnerability. The vulnerability affects the 3GP file format parser, insufficient restrictions on a writable buffer can be exploited to execute arbitrary code via the heap memory. A specific 3GP file can be crafte...

6.8CVSS9.6AI score0.13337EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/08/18 12:0 a.m.•35 views

django -- multiple vulnerabilities

Tim Graham reports: Denial-of-service possibility in logout view by filling session store Previously, a session could be created when anonymously accessing the django.contrib.auth.views.logout view provided it wasn't decorated with django.contrib.auth.decorators.loginrequired as done in the admin...

5CVSS6.4AI score0.05163EPSS
Exploits0References1
Total number of security vulnerabilities5000