Lucene search
K
FreebsdMost viewed

6583 matches found

FreeBSD
FreeBSD
•added 2023/03/28 12:0 a.m.•33 views

Matrix clients -- Prototype pollution in matrix-js-sdk

Matrix developers report: Today we are issuing security releases of matrix-js-sdk and matrix-react-sdk to patch a pair of High severity vulnerabilities CVE-2023-28427 / GHSA-mwq8-fjpf-c2gr for matrix-js-sdk and CVE-2023-28103 / GHSA-6g43-88cp-w5gv for matrix-react-sdk. The issues involve prototyp...

8.2CVSS8.2AI score0.01185EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/03/14 12:0 a.m.•33 views

Grafana -- Stored XSS in Graphite FunctionDescription tooltip

Grafana Labs reports: When a user adds a Graphite data source, they can then use the data source in a dashboard. This capability contains a feature to use Functions. Once a function is selected, a small tooltip appears when hovering over the name of the function. This tooltip allows you to delete...

6.2CVSS5.2AI score0.00954EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/02/22 12:0 a.m.•33 views

go -- crypto/elliptic: incorrect P-256 ScalarMult and ScalarBaseMult results

The Go project reports: crypto/elliptic: incorrect P-256 ScalarMult and ScalarBaseMult results The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve...

5.3CVSS6.6AI score0.00817EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/02/15 12:0 a.m.•33 views

clamav -- Multiple vulnerabilities

Simon Scannell reports: CVE-2023-20032 Fixed a possible remote code execution vulnerability in the HFS+ file parser. CVE-2023-20052 Fixed a possible remote information leak vulnerability in the DMG file parser...

9.8CVSS8.1AI score0.29314EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2023/02/08 12:0 a.m.•33 views

py-cryptography -- includes a vulnerable copy of OpenSSL

pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 0.8.1-39.0.0 are vulnerable to a security issue. More details about the vulnerabilities themselves can be found in https://www.openssl.org/news/secadv/20221213.txt and...

7.4CVSS8.1AI score0.59501EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/01/17 12:0 a.m.•33 views

git -- Heap overflow in `git archive`, `git log --format` leading to RCE

The git team reports: git log has the ability to display commits using an arbitrary format with its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators e.g., %, %, or % , an integer overflow can occur in...

9.8CVSS7.6AI score0.44268EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/11/05 12:0 a.m.•33 views

krb5 -- Integer overflow vulnerabilities in PAC parsing

MITKRB5-SA-2022-001 Vulnerabilities in PAC parsing: Due to an integer overflow vulnerabilities in PAC parsing An authenticated attacker may be able to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. On 32-bit platforms an...

4.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2022/04/12 12:0 a.m.•33 views

go -- syscall.Faccessat checks wrong group on Linux

The Go project reports: When called with a non-zero flags parameter, the syscall.Faccessat function could incorrectly report that a file is accessible. This bug only occurs on Linux systems...

5.3CVSS2.3AI score0.02593EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2022/02/17 12:0 a.m.•33 views

Qt5 -- QProcess unexpected search path

The Qt Company reports: Recently, the Qt Project's security team was made aware of an issue regarding QProcess and determined it to be a security issue on Unix-based platforms only. We do not believe this to be a considerable risk for applications as the likelihood of it being triggered is minima...

7.8CVSS7.6AI score0.00334EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/01/18 12:0 a.m.•33 views

Grafana -- Teams API IDOR

Grafana Labs reports: On Jan. 18, an external security researcher, Kürşad ALSAN from NSPECT.IO @nspectio on Twitter, contacted Grafana to disclose an IDOR Insecure Direct Object Reference vulnerability on Grafana Teams APIs. This vulnerability only impacts the following API endpoints:...

4.3CVSS1.9AI score0.01185EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/01/15 12:0 a.m.•33 views

aide -- heap-based buffer overflow

David Bouman reports: AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpfs ACLs, because of a heap-based buffer overflow. Aide uses a fixed size 16k bytes for the return buffer in encodebase64/decodebase64 functions. Th...

7.8CVSS5.7AI score0.00493EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2021/12/14 12:0 a.m.•33 views

OpenSearch -- Log4Shell

OpenSearch reports: CVE-2021-45046 was issued shortly following the release of OpenSearch 1.2.1. This new CVE advises upgrading from Log4j 2.15.0 used in OpenSearch 1.2.1 to Log4j 2.16.0. Out of an abundance of caution, the team is releasing OpenSearch 1.2.2 which includes Log4j 2.16.0. While the...

9CVSS1.6AI score0.99977EPSS
Exploits40References1
FreeBSD
FreeBSD
•added 2021/11/04 12:0 a.m.•33 views

go -- multiple vulnerabilities

The Go project reports: debug/macho fails out when loading a file that contains a dynamic symbol table command that indicates a larger number of symbols than exist in the loaded symbol table. Previously, opening a zip with Reader.Open could result in a panic if the zip contained a file whose name...

7.8AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2021/06/07 12:0 a.m.•33 views

dino -- Path traversal in Dino file transfers

Dino team reports: It was discovered that when a user receives and downloads a file in Dino, URI-encoded path separators in the file name will be decoded, allowing an attacker to traverse directories and create arbitrary files in the context of the user...

5.3CVSS3.8AI score0.01766EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2021/03/17 12:0 a.m.•33 views

dnsmasq -- cache poisoning vulnerability in certain configurations

Simon Kelley reports: In configurations where the forwarding server address contains an @ character for specifying a sending interface or source address, the random source port behavior was disabled, making cache poisoning attacks possible. This only affects configurations of the form...

4.3CVSS5.4AI score0.01988EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2021/01/29 12:0 a.m.•33 views

mod_dav_svn -- server crash

Subversion project reports: Subversion's modauthzsvn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL...

7.5CVSS7.5AI score0.40075EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2020/12/09 12:0 a.m.•33 views

py-matrix-synapse -- DoS on Federation API

Matrix developers reports: A malicious or poorly-implemented homeserver can inject malformed events into a room by specifying a different room id in the path of a /sendjoin, /sendleave, /invite or /exchangethirdpartyinvite request. This can lead to a denial of service in which future events will...

6.5CVSS2.9AI score0.02363EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/12/08 12:0 a.m.•33 views

jasper -- heap overflow vulnerability

JasPer NEWS: Fix CVE-2020-27828, heap-overflow in cpcreate in jpcenc.c...

7.8CVSS1.6AI score0.01371EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2020/12/01 12:0 a.m.•33 views

FreeBSD -- ICMPv6 use-after-free in error message handling

Problem Description: When an ICMPv6 error message is received, the FreeBSD ICMPv6 stack may extract information from the message to hand to upper-layer protocols. As a part of this operation, it may parse IPv6 header options from a packet embedded in the ICMPv6 message. The handler for a routing...

7.5CVSS1AI score0.01221EPSS
Exploits0
FreeBSD
FreeBSD
•added 2020/08/05 12:0 a.m.•33 views

FreeBSD -- sendmsg(2) privilege escalation

Problem Description: When handling a 32-bit sendmsg2 call, the compat32 subsystem copies the control message to be transmitted if any into kernel memory, and adjusts alignment of control message headers. The code which performs this work contained a time-of-check to time-of-use TOCTOU vulnerabili...

7CVSS2.5AI score0.00721EPSS
Exploits0
FreeBSD
FreeBSD
•added 2020/07/16 12:0 a.m.•33 views

clamav -- multiple vulnerabilities

Micah Snyder reports: CVE-2020-3350 Fixed a vulnerability a malicious user could exploit to replace a scan target's directory with a symlink to another path to trick clamscan, clamdscan, or clamonacc into removing or moving a different file such as a critical system file. The issue would affect...

7.5CVSS1.4AI score0.05063EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/07/01 12:0 a.m.•33 views

Mbed TLS -- Side-channel attack on ECC key import and validation

Manuel Pégourié-Gonnard reports: The scalar multiplication function in Mbed TLS accepts a random number generator RNG as an optional argument and, if provided, uses it to protect against some attacks. It is the caller's responsibility to provide a RNG if protection against side-channel attacks is...

1.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2020/06/17 12:0 a.m.•33 views

BIND -- Remote Denial of Service vulnerability

ISC reports: An assertion check in BIND that is meant to prevent going beyond the end of a buffer when processing incoming data can be incorrectly triggered by a large response during zone transfer...

4.9CVSS2.7AI score0.01833EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/06/02 12:0 a.m.•33 views

websocket-extensions -- ReDoS vulnerability

Changelog: Remove a ReDoS vulnerability in the header parser CVE-2020-7663...

7.5CVSS2.2AI score0.04404EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2020/04/22 12:0 a.m.•33 views

kaminari -- potential XSS vulnerability

Kaminari Security Advisories: There was a vulnerability in versions of Kaminari that would allow an attacker to inject arbitrary code into pages with pagination links. The 1.2.1 gem including the patch has already been released. All past released versions are affected by this vulnerability...

6.4CVSS5AI score0.01508EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2019/11/07 12:0 a.m.•33 views

asterisk -- Re-invite with T.38 and malformed SDP causes crash

The Asterisk project reports: If Asterisk receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a crash will occur...

7.5CVSS2AI score0.06677EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/11/05 12:0 a.m.•33 views

squid -- Vulnerable to HTTP Digest Authentication

Squid Team reports: Problem Description: Due to incorrect data management Squid is vulnerable to a information disclosure when processing HTTP Digest Authentication. Severity: Nonce tokens contain the raw byte value of a pointer which sits within heap memory allocation. This information reduces...

7.5CVSS1.2AI score0.40982EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/07/28 12:0 a.m.•33 views

nsd -- Stack-based Buffer Overflow

Frederic Cambus reports: nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dnameconcatenate function in dname.c...

9.8CVSS9.3AI score0.02026EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2019/06/27 12:0 a.m.•33 views

libzmq4 -- Stack overflow

Fang-Pen Lin reports: A remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running...

9.8CVSS4.1AI score0.42464EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2019/05/14 12:0 a.m.•33 views

FreeBSD -- ICMP/ICMP6 packet filter bypass in pf

Problem Description: States in pf4 let ICMP and ICMP6 packets pass if they have a packet in their payload matching an existing condition. pf4 does not check if the outer ICMP or ICMP6 packet has the same destination IP as the source IP of the inner protocol packet. Impact: A maliciously crafted...

7.5CVSS1.2AI score0.03339EPSS
Exploits1
FreeBSD
FreeBSD
•added 2019/03/14 12:0 a.m.•33 views

libssh2 -- multiple issues

libssh2 developers report: Defend against possible integer overflows in compmethodzlibdecomp. Defend against writing beyond the end of the payload in libssh2transportread. Sanitize paddinglength - libssh2transportread. This prevents an underflow resulting in a potential out-of-bounds read if a...

9.3CVSS2.4AI score0.09219EPSS
Exploits0References10
FreeBSD
FreeBSD
•added 2019/02/05 12:0 a.m.•33 views

Gitlab -- Multiple vulnerabilities

Gitlab reports: Leak of Confidential Issue and Merge Request Titles Persistent XSS in User Status...

9.1CVSS3AI score0.01506EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/06/23 12:0 a.m.•33 views

GraphicsMagick -- SVG/Rendering vulnerability

GraphicsMagick News: Fix heap write overflow of PrimitiveInfo and PointInfo arrays. This is another manefestation of CVE-2016-2317, which should finally be fixed correctly due to active detection/correction of pending overflow rather than using estimation...

5.5CVSS2.5AI score0.0199EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/30 12:0 a.m.•33 views

Gitlab -- multiple vulnerabilities

GitLab reports: Persistent XSS in Move Issue using project namespace Download Archive allowing unauthorized private repo access Mattermost Updates...

6.1CVSS4.2AI score0.00888EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/26 12:0 a.m.•33 views

wget -- cookie injection vulnerability

Harry Sintonen of F-Secure Corporation reports: GNU Wget is susceptible to a malicious web server injecting arbitrary cookies to the cookie jar file...

6.5CVSS1.4AI score0.17249EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2018/03/13 12:0 a.m.•33 views

Flash Player -- multiple vulnerabilities

Adobe reports: This update resolves a use-after-free vulnerability that could lead to remote code execution CVE-2018-4919. This update resolves a type confusion vulnerability that could lead to remote code execution CVE-2018-4920...

9.3CVSS9AI score0.07871EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/01/31 12:0 a.m.•33 views

strongswan - Insufficient input validation in RSASSA-PSS signature parser

Strongswan Release Notes reports: Fixed a DoS vulnerability in the parser for PKCS1 RSASSA-PSS signatures that was caused by insufficient input validation. One of the configurable parameters in algorithm identifier structures for RSASSA-PSS signatures is the mask generation function MGF. Only MGF...

5.3CVSS5.9AI score0.01069EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/01/16 12:0 a.m.•33 views

gitlab -- Remote code execution on project import

GitLab developers report: Today we are releasing versions 10.3.4, 10.2.6, and 10.1.6 for GitLab Community Edition CE and Enterprise Edition EE. These versions contain a number of important security fixes, including two that prevent remote code execution, and we strongly recommend that all GitLab...

8.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/12/14 12:0 a.m.•33 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 2 security fixes in this release, including: 788453 High CVE-2017-15429: UXSS in V8. Reported by Anonymous on 2017-11-24 794792 Various fixes from internal audits, fuzzing and other initiatives...

6.1CVSS7.6AI score0.01142EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/12/04 12:0 a.m.•33 views

libraw -- multiple DoS vulnerabilities

Secunia Research reports: CVE-2017-16909: An error related to the "LibRaw::panasonicloadraw" function dcrawcommon.cpp can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image. CVE-2017-16910: An error within the...

8.8CVSS7.6AI score0.01993EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2017/10/27 12:0 a.m.•33 views

konversation -- crash in IRC message parsing

KDE reports: Konversation has support for colors in IRC messages. Any malicious user connected to the same IRC network can send a carefully crafted message that will crash the Konversation user client...

7.5CVSS7.3AI score0.02732EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2017/10/17 12:0 a.m.•33 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 35 security fixes in this release, including: 762930 High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07 749147 High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26 760455 High CVE-2017-5126: Use after free in PDFium...

8.8CVSS8.3AI score0.05245EPSS
Exploits6References1
FreeBSD
FreeBSD
•added 2017/10/09 12:0 a.m.•33 views

ffmpeg -- multiple vulnerabilities

MITRE reports: Multiple vulnerabilities have been found in FFmpeg. Please refer to CVE list for details. Note: CVE-2017-15186 and CVE-2017-15672 affect only the 3.3 branch before 3.3.5, CVE-2017-16840 and CVE-2017-17081 have been fixed in 3.4.1. They're listed here for completeness of the record...

9.8CVSS2.1AI score0.03332EPSS
Exploits0References6
FreeBSD
FreeBSD
•added 2017/10/08 12:0 a.m.•33 views

unbound -- vulnerability in the processing of wildcard synthesized NSEC records

Unbound reports: We discovered a vulnerability in the processing of wildcard synthesized NSEC records. While synthesis of NSEC records is allowed by RFC4592, these synthesized owner names should not be used in the NSEC processing. This does, however, happen in Unbound 1.6.7 and earlier versions...

5.3CVSS6.1AI score0.0263EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/09/23 12:0 a.m.•33 views

weechat -- crash in logger plugin

WeeChat reports: security problem: a crash can happen in logger plugin when converting date/time specifiers in file mask...

7.5CVSS7.6AI score0.02836EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/09/07 12:0 a.m.•33 views

libgd -- Denial of servica via double free

libgd developers report: Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors...

7.5CVSS7.4AI score0.05102EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2017/09/05 12:0 a.m.•33 views

chromium -- multiple vulnerabilities

Google Chrome releases reports: 22 security fixes in this release, including: 737023 High CVE-2017-5111: Use after free in PDFium. Reported by Luat Nguyen on KeenLab, Tencent on 2017-06-27 740603 High CVE-2017-5112: Heap buffer overflow in WebGL. Reported by Tobias Klein on 2017-07-10 747043 High...

8.8CVSS8AI score0.26331EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/08/09 12:0 a.m.•33 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: Several security fixes in this release, including: 780450 High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 787103 High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu @shhnjk on 2017-11-20 793620 High...

8.8CVSS7.6AI score0.02149EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/07/11 12:0 a.m.•33 views

Flash Player -- multiple vulnerabilities

Adobe reports: These updates resolve security bypass vulnerability that could lead to information disclosure CVE-2017-3080. These updates resolve memory corruption vulnerability that could lead to remote code execution CVE-2017-3099. These updates resolve memory corruption vulnerability that coul...

9.3CVSS8.2AI score0.08552EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/07/06 12:0 a.m.•33 views

evince and atril -- command injection vulnerability in CBT handler

GNOME reports: The comic book backend in evince 3.24.0 and earlier is vulnerable to a command injection bug that can be used to execute arbitrary commands when a CBT file is opened. The same vulnerability affects atril, the Evince fork...

7.8CVSS8.3AI score0.50826EPSS
Exploits9References2
Total number of security vulnerabilities5000