Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
•added 2024/04/03 12:0 a.m.•32 views

go -- http2: close connections when receiving too many headers

The Go project reports: http2: close connections when receiving too many headers Maintaining HPACK state requires that we parse and process all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, we don't allocate memory to store the excess headers but...

7.5CVSS7AI score0.91969EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2024/02/28 12:0 a.m.•32 views

electron{27,28} -- Use after free in Mojo

Electron developers report: This update fixes the following vulnerability: Security: backported fix for CVE-2024-1670...

8.8CVSS7AI score0.08994EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2024/02/06 12:0 a.m.•32 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 3 security fixes: 41494539 High CVE-2024-1284: Use after free in Mojo. Reported by Anonymous on 2024-01-25 41494860 High CVE-2024-1283: Heap buffer overflow in Skia. Reported by Jorge Buzeti @r3tr074 on 2024-01-25...

9.8CVSS8.5AI score0.0152EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/18 12:0 a.m.•32 views

electron{25,26} -- Use after free in Site Isolation

Electron developers report: This update fixes the following vulnerability: Security: backported fix for CVE-2023-5218...

8.8CVSS7AI score0.0126EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/12 12:0 a.m.•32 views

vscode -- VS Code Remote Code Execution Vulnerability

VSCode developers report: Visual Studio Code Remote Code Execution Vulnerability A remote code execution vulnerability exists in VS Code 1.82.0 and earlier versions that working in a maliciously crafted package.json can result in executing commands locally. This scenario would require the attacke...

7.8CVSS7.7AI score0.01206EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2023/08/30 12:0 a.m.•32 views

electron25 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-4427. Security: backported fix for CVE-2023-4428. Security: backported fix for CVE-2023-4429. Security: backported fix for CVE-2023-4430. Security: backported fix for CVE-2023-4572...

8.8CVSS8.4AI score0.3398EPSS
Exploits0References5
FreeBSD
FreeBSD
•added 2023/08/02 12:0 a.m.•32 views

electron{22,23,24,25} -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-3732. Security: backported fix for CVE-2023-3728. Security: backported fix for CVE-2023-3730...

8.8CVSS8.7AI score0.01002EPSS
Exploits2References3
FreeBSD
FreeBSD
•added 2023/06/05 12:0 a.m.•32 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 2 security fixes: 1450481 High CVE-2023-3079: Type Confusion in V8. Reported by Clément Lecigne of Google's Threat Analysis Group on 2023-06-01...

8.8CVSS7AI score0.32724EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2023/05/02 12:0 a.m.•32 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Privilege escalation for external users when OIDC is enabled under certain conditions Account takeover through open redirect for Group SAML accounts Users on banned IP addresses can still commit to projects User with developer role group can modify Protected branches setting on...

8.8CVSS7.2AI score0.01039EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/04/24 12:0 a.m.•32 views

jellyfin -- Multiple vulnerabilities

[email protected] reports: Jellyfin is a free-software media system. Versions starting with 10.8.0 and prior to 10.8.10 and prior have a directory traversal vulnerability inside the ClientLogController, specifically /ClientLog/Document. When combined with a cross-site scripting...

9CVSS7AI score0.01972EPSS
Exploits3References2
FreeBSD
FreeBSD
•added 2023/04/17 12:0 a.m.•32 views

redis -- HINCRBYFLOAT can be used to crash a redis-server process

Redis core team reports: Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that may later crash Redis on access...

6.5CVSS7AI score0.00963EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/03/29 12:0 a.m.•32 views

powerdns-recursor -- denial of service

PowerDNS Team reports: PowerDNS Security Advisory 2023-02: Deterred spoofing attempts can lead to authoritative servers being marked unavailable...

5.3CVSS5.7AI score0.00593EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/12/13 12:0 a.m.•32 views

typo3 -- multiple vulnerabilities

TYPO3 reports: TYPO3-CORE-SA-2022-012: Denial of Service in Page Error Handling. TYPO3-CORE-SA-2022-013: Weak Authentication in Frontend Login. TYPO3-CORE-SA-2022-014: Insufficient Session Expiration after Password Reset. TYPO3-CORE-SA-2022-015: Arbitrary Code Execution via Form Framework...

8.8CVSS1.6AI score0.00785EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/11/08 12:0 a.m.•32 views

Grafana -- Privilege escalation

Grafana Labs reports: Internal security audit identified a race condition in the Grafana codebase, which allowed an unauthenticated user to query an arbitrary endpoint in Grafana. A race condition in the HTTP context creation could make a HTTP request being assigned the authentication/authorizati...

9.8CVSS1.6AI score0.00922EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/10/11 12:0 a.m.•32 views

chromium -- mulitple vulnerabilities

Chrome Releases reports: This release contains 6 security fixes: 1364604 High CVE-2022-3445: Use after free in Skia. Reported by Nan Wang @eternalsakura13 and Yong Liu of 360 Vulnerability Research Institute on 2022-09-16 1368076 High CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by...

8.8CVSS1.2AI score0.00683EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/10/03 12:0 a.m.•32 views

strongswan -- DOS attack vulnerability

Lahav Schlesinger reported a bug related to online certificate revocation checking that can lead to a denial-of-service attack...

7.5CVSS1.7AI score0.01634EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/09/06 12:0 a.m.•32 views

go -- multiple vulnerabilities

The Go project reports: net/http: handle server errors after sending GOAWAY A closing HTTP/2 server connection could hang forever waiting for a clean shutdown that was preempted by a subsequent fatal error. This failure mode could be exploited to cause a denial of service. net/url: JoinPath does...

7.5CVSS7.7AI score0.02607EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/12/06 12:0 a.m.•32 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Group members with developer role can escalate their privilege to maintainer on projects that they import When user registration is limited, external users that aren't developers shouldn't have access to the CI Lint API Collision in access memoization leads to potential elevated...

8.8CVSS2.3AI score0.35649EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/08/26 12:0 a.m.•32 views

libssh -- possible heap-buffer overflow vulnerability

libssh security advisories: The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secrethash and and the other sessionid. Initially, both of them are the same, but after key re-exchange, previous sessionid is kept and used as an input to new...

6.5CVSS2.4AI score0.04683EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2021/08/18 12:0 a.m.•32 views

go -- archive/zip: overflow in preallocation check can cause OOM panic

The Go project reports: An oversight in the previous fix still allows for an OOM panic when the indicated directory size in the archive header is so large that subtracting it from the archive size overflows a uint64, effectively bypassing the check that the number of files in the archive is...

7.5CVSS2.2AI score0.06934EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/05/13 12:0 a.m.•32 views

py-flask-caching -- remote code execution or local privilege escalation vulnerabilities

subnix reports: The Flask-Caching extension through 2.0.2 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage e.g., filesystem, Memcached, Redis, etc., they can construct a crafted payloa...

9.8CVSS7.9AI score0.07288EPSS
Exploits3References2
FreeBSD
FreeBSD
•added 2021/04/22 12:0 a.m.•32 views

Django -- multiple vulnerabilities

Django Release reports: CVE-2021-31542:Potential directory-traversal via uploaded files. MultiPartParser, UploadedFile, and FieldFile allowed directory-traversal via uploaded files with suitably crafted file names...

7.5CVSS4.2AI score0.05291EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/04/06 12:0 a.m.•32 views

FreeBSD -- jail escape possible by mounting over jail root

Problem Description: Due to a race condition between lookup of ".." and remounting a filesystem, a process running inside a jail might access filesystem hierarchy outside of jail. Impact: A process with superuser privileges running inside a jail configured with the allow.mount permission not...

7.5CVSS0.7AI score0.0018EPSS
Exploits0
FreeBSD
FreeBSD
•added 2021/04/01 12:0 a.m.•32 views

mdbook -- XSS in mdBook's search page

Rust Security Response Working Group reports: The search feature of mdBook introduced in version 0.1.4 was affected by a cross site scripting vulnerability that allowed an attacker to execute arbitrary JavaScript code on an user's browser by tricking the user into typing a malicious search query,...

8.2CVSS1.5AI score0.01254EPSS
Exploits0References5
FreeBSD
FreeBSD
•added 2021/02/18 12:0 a.m.•32 views

asterisk -- Remote attacker could prematurely tear down SRTP calls

The Asterisk project reports: An unauthenticated remote attacker could replay SRTP packets which could cause an Asterisk instance configured without strict RTP validation to tear down calls prematurely...

7.5CVSS2.4AI score0.03587EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/12/24 12:0 a.m.•32 views

cacti -- SQL Injection was possible due to incorrect validation order

Cati team reports: Due to a lack of validation, datadebug.php can be the source of a SQL injection...

8.8CVSS1.8AI score0.04599EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2020/09/15 12:0 a.m.•32 views

FreeBSD -- bhyve SVM guest escape

Problem Description: A number of AMD virtualization instructions operate on host physical addresses, are not subject to nested page table translation, and guest use of these instructions was not trapped. Impact: From kernel mode a malicious guest can write to arbitrary host memory with some...

7.6CVSS0.8AI score0.00258EPSS
Exploits0
FreeBSD
FreeBSD
•added 2020/08/18 12:0 a.m.•32 views

chromium -- heap buffer overflow

Chrome Releases reports: This release contains one security fix: 1115345 High CVE-2020-6556: Heap buffer overflow in SwiftShader. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-08-12...

9.3CVSS1.5AI score0.03291EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/08/17 12:0 a.m.•32 views

mail/dovecot -- multiple vulnerabilities

Aki Tuomi reports: When imap hibernation is active, an attacker can cause Dovecot to discover file system directory structure and access other users' emails using specially crafted command. The attacker must have valid credentials to access the mail server. Mail delivery / parsing crashed when th...

7.5CVSS3.4AI score0.05215EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2020/06/29 12:0 a.m.•32 views

Python -- multiple vulnerabilities

Python reports: bpo-41162:Audit hooks are now cleared later during finalization to avoid missing events. bpo-29778:Ensure python3.dll is loaded from correct locations when Python is embedded...

7.8CVSS1.1AI score0.00895EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/06/18 12:0 a.m.•32 views

Several issues in Lynis

lynis update: This release resolves two security issues CVE-2020-13882 - Discovered by Sander Bos, code submission by Katarina Durechova CVE-2019-13033 - Discovered by Sander Bos...

4.2CVSS2.1AI score0.00365EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/06/10 12:0 a.m.•32 views

Anydesk -- Multiple Vulnerabilities

Anydesk reports: AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution...

9.8CVSS2.4AI score0.80551EPSS
Exploits8References1
FreeBSD
FreeBSD
•added 2020/06/01 12:0 a.m.•32 views

Django -- multiple vulnerabilities

Django security release reports: CVE-2020-13254: Potential data leakage via malformed memcached keys In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage. In order to avoid this vulnerability,...

6.1CVSS4.1AI score0.0609EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/03/19 12:0 a.m.•32 views

FreeBSD -- Insufficient oce(4) ioctl(2) privilege checking

Problem Description: The driver-specific ioctl2 command handlers in oce4 failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact: The oce4 handler permits unprivileged users to send passthrough commands to device firmware...

5.5CVSS3.4AI score0.00259EPSS
Exploits0
FreeBSD
FreeBSD
•added 2020/02/25 12:0 a.m.•32 views

Django -- potential SQL injection vulnerability

MITRE CVE reports: Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was...

8.8CVSS2.9AI score0.22513EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2020/02/22 12:0 a.m.•32 views

OpenSMTPd -- LPE and RCE in OpenSMTPD's default install

OpenSMTPD developers reports: An out of bounds read in smtpd allows an attacker to inject arbitrary commands into the envelope file which are then executed as root. Separately, missing privilege revocation in smtpctl allows arbitrary commands to be run with the smtpq group. An unprivileged local...

10CVSS5AI score0.889EPSS
Exploits14References2
FreeBSD
FreeBSD
•added 2020/01/28 12:0 a.m.•32 views

FreeBSD -- libfetch buffer overflow

Problem Description: A programming error allows an attacker who can specify a URL with a username and/or password components to overflow libfetch3 buffers. Impact: An attacker in control of the URL to be fetched possibly via HTTP redirect may cause a heap buffer overflow, resulting in program...

9.8CVSS3.6AI score0.02497EPSS
Exploits0
FreeBSD
FreeBSD
•added 2020/01/28 12:0 a.m.•32 views

pkg -- vulnerability in libfetch

A programming error allows an attacker who can specify a URL with a username and/or password components to overflow libfetch3 buffers...

9.8CVSS5.1AI score0.02497EPSS
Exploits0
FreeBSD
FreeBSD
•added 2020/01/25 12:0 a.m.•32 views

Client/server denial of service when handling AES-CTR ciphers

The libssh team reports originally reported by Yasheng Yang from Google: A malicious client or server could crash the counterpart implemented with libssh AES-CTR ciphers are used and don't get fully initialized. It will crash when it tries to cleanup the AES-CTR ciphers when closing the connectio...

5.3CVSS1.7AI score0.03065EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/01/14 12:0 a.m.•32 views

dovecot -- multiple vulnerabilities

Aki Tuomi reports: lib-smtp doesn't handle truncated command parameters properly, resulting in infinite loop taking 100% CPU for the process. This happens for LMTP where it doesn't matter so much and also for submission-login where unauthenticated users can trigger it. Aki also reports: Snippet...

6.8AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2019/12/08 12:0 a.m.•32 views

rack -- information leak / session hijack vulnerability

National Vulnerability Database: There's a possible information leak / session hijack vulnerability in Rack RubyGem rack. This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are...

6.3CVSS2.3AI score0.03687EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/10/17 12:0 a.m.•32 views

asterisk -- SIP request can change address of a SIP peer

The Asterisk project reports: A SIP request can be sent to Asterisk that can change a SIP peers IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peers name; authentication details such as passwords do not need to be...

6.5CVSS2AI score0.02047EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/26 12:0 a.m.•32 views

file -- Heap buffer overflow possible

mitre reports cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based buffer overflow 4-byte out-of-bounds write...

7.8CVSS2.2AI score0.0185EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2019/07/23 12:0 a.m.•32 views

xymon-server -- multiple vulnerabilities

Japheth Cleaver reports: Several buffer overflows were reported by University of Cambridge Computer Security Incident Response Team...

9.8CVSS3.8AI score0.02425EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/06/28 12:0 a.m.•32 views

asterisk -- Remote Crash Vulnerability in chan_sip channel driver

The Asterisk project reports: When T.38 faxing is done in Asterisk a T.38 reinvite may be sent to an endpoint to switch it to T.38. If the endpoint responds with an improperly formatted SDP answer including both a T.38 UDPTL stream and an audio or video stream containing only codecs not allowed o...

5.3CVSS1.5AI score0.04031EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/13 12:0 a.m.•32 views

asterisk -- Remote crash vulnerability with MESSAGE messages

The Asterisk project reports: A specially crafted SIP in-dialog MESSAGE message can cause Asterisk to crash...

6.5CVSS2.6AI score0.04235EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/05/29 12:0 a.m.•32 views

bro -- Unsafe integer conversions can cause unintentional code paths to be executed

Jon Siwek of Corelight reports: The following Denial of Service vulnerabilities are addressed: Integer type mismatches in BinPAC-generated parser code and Bro analyzer code may allow for crafted packet data to cause unintentional code paths in the analysis logic to be taken due to unsafe integer...

7.5CVSS6.8AI score0.01411EPSS
Exploits1
FreeBSD
FreeBSD
•added 2019/04/30 12:0 a.m.•32 views

Gitlab -- Information Disclosure

Gitlab reports: Information Disclosure with Limited Scope Token...

7.5CVSS0.8AI score0.01163EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/11/06 12:0 a.m.•32 views

moodle -- Login CSRF vulnerability

moodle reports: The login form is not protected by a token to prevent login cross-site request forgery...

8.8CVSS3AI score0.02326EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/06/06 12:0 a.m.•32 views

chromium -- Incorrect handling of CSP header

Google Chrome Releases reports: 1 security fix contributed by external researchers: 845961 High CVE-2018-6148: Incorrect handling of CSP header. Reported by Michal Bentkowski on 2018-05-23...

6.5CVSS2.8AI score0.00704EPSS
Exploits0References1
Total number of security vulnerabilities5000