Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
added 2019/08/26 12:0 a.m.32 views

file -- Heap buffer overflow possible

mitre reports cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based buffer overflow 4-byte out-of-bounds write...

7.8CVSS2.2AI score0.0185EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2019/07/23 12:0 a.m.32 views

xymon-server -- multiple vulnerabilities

Japheth Cleaver reports: Several buffer overflows were reported by University of Cambridge Computer Security Incident Response Team...

9.8CVSS3.8AI score0.02425EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2019/06/28 12:0 a.m.32 views

asterisk -- Remote Crash Vulnerability in chan_sip channel driver

The Asterisk project reports: When T.38 faxing is done in Asterisk a T.38 reinvite may be sent to an endpoint to switch it to T.38. If the endpoint responds with an improperly formatted SDP answer including both a T.38 UDPTL stream and an audio or video stream containing only codecs not allowed o...

5.3CVSS1.5AI score0.04031EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2019/06/13 12:0 a.m.32 views

asterisk -- Remote crash vulnerability with MESSAGE messages

The Asterisk project reports: A specially crafted SIP in-dialog MESSAGE message can cause Asterisk to crash...

6.5CVSS2.6AI score0.04235EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2019/05/29 12:0 a.m.32 views

bro -- Unsafe integer conversions can cause unintentional code paths to be executed

Jon Siwek of Corelight reports: The following Denial of Service vulnerabilities are addressed: Integer type mismatches in BinPAC-generated parser code and Bro analyzer code may allow for crafted packet data to cause unintentional code paths in the analysis logic to be taken due to unsafe integer...

7.5CVSS6.8AI score0.01411EPSS
Exploits1
FreeBSD
FreeBSD
added 2018/11/06 12:0 a.m.32 views

moodle -- Login CSRF vulnerability

moodle reports: The login form is not protected by a token to prevent login cross-site request forgery...

8.8CVSS3AI score0.02326EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2018/06/06 12:0 a.m.32 views

chromium -- Incorrect handling of CSP header

Google Chrome Releases reports: 1 security fix contributed by external researchers: 845961 High CVE-2018-6148: Incorrect handling of CSP header. Reported by Michal Bentkowski on 2018-05-23...

6.5CVSS2.8AI score0.00704EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2018/03/22 12:0 a.m.32 views

rails-html-sanitizer -- possible XSS vulnerability

OSS-Security list: There is a possible XSS vulnerability in rails-html-sanitizer. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications. This issue is...

6.1CVSS6.3AI score0.01984EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2018/02/15 12:0 a.m.32 views

irssi -- multiple vulnerabilities

Irssi reports: Use after free when server is disconnected during netsplits. Found by Joseph Bisch. Use after free when SASL messages are received in unexpected order. Found by Joseph Bisch. Null pointer dereference when an “empty” nick has been observed by Irssi. Found by Joseph Bisch. When the...

9.8CVSS8.8AI score0.02494EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2018/02/09 12:0 a.m.32 views

LibreOffice -- Remote arbitrary file disclosure vulnerability via WEBSERVICE formula

LibreOffice reports: LibreOffice Calc supports a WEBSERVICE function to obtain data by URL. Vulnerable versions of LibreOffice allow WEBSERVICE to take a local file URL e.g file:// which can be used to inject local files into the spreadsheet without warning the user. Subsequent formulas can opera...

8.4AI score
Exploits4References2
FreeBSD
FreeBSD
added 2018/02/05 12:0 a.m.32 views

mbed TLS (PolarSSL) -- remote code execution

Simon Butcher reports: When the truncated HMAC extension is enabled and CBC is used, sending a malicious application packet can be used to selectively corrupt 6 bytes on the peer's heap, potentially leading to a crash or remote code execution. This can be triggered remotely from either side in bo...

9.7AI score
Exploits0References1
FreeBSD
FreeBSD
added 2018/01/25 12:0 a.m.32 views

w3m - multiple vulnerabilities

Tatsuya Kinoshita reports: CVE-2018-6196 table.c: Prevent negative indent value in feedtableblocktag. CVE-2018-6197 form.c: Prevent invalid columnPos call in formUpdateBuffer. CVE-2018-6198 config.h.dist, config.h.in, configure, configure.ac, main.c, rc.c: Make temporary directory safely when /.w...

7.5CVSS6.2AI score0.04391EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2018/01/22 12:0 a.m.32 views

powerdns-recursor -- insufficient validation of DNSSEC signatures

PowerDNS Security Advisory reports: An issue has been found in the DNSSEC validation component of PowerDNS Recursor, allowing an ancestor delegation NSEC or NSEC3 record to be used to wrongfully prove the non-existence of a RR below the owner name of that record. This would allow an attacker in...

4.3CVSS5AI score0.01287EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/12/14 12:0 a.m.32 views

ruby -- Command injection vulnerability in Net::FTP

Etienne Stalmans from the Heroku product security team reports: There is a command injection vulnerability in Net::FTP bundled with Ruby. Net::FTPget, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernelopen to open a local file. If the localfile argument starts with the pip...

9.3CVSS9.4AI score0.73927EPSS
Exploits5References1
FreeBSD
FreeBSD
added 2017/09/21 12:0 a.m.32 views

chromium -- multiple vulnerabilities

Google Chrome releases reports: 3 security fixes in this release, including: 765433 High CVE-2017-5121: Out-of-bounds access in V8. Reported by Jordan Rabet, Microsoft Offensive Security Research and Microsoft ChakraCore team on 2017-09-14 752423 High CVE-2017-5122: Out-of-bounds access in V8...

8.8CVSS8.5AI score0.05288EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/09/12 12:0 a.m.32 views

libraw -- buffer overflow

libraw developers report: LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file...

8.8CVSS9AI score0.02124EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2017/09/11 12:0 a.m.32 views

FFmpeg -- multiple vulnerabilities

FFmpeg security reports: Multiple vulnerabilities have been fixed in FFmpeg 3.3.4. Please refer to the CVE list for details...

8.8CVSS7.4AI score0.02712EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/09/11 12:0 a.m.32 views

libsndfile -- out-of-bounds reads

Xin-Jiang on Github reports: CVE-2017-14245 Medium: An out of bounds read in the function d2alawarray in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. CVE-2017-14246 Medium: An out of...

8.1CVSS7.3AI score0.02229EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2017/07/21 12:0 a.m.32 views

ansible -- information disclosure flaw

ansible developers report: Ansible versions 2.2.3 and earlier are vulnerable to an information disclosure flaw due to the interaction of call back plugins and the nolog directive where the information may not be sanitized properly...

2.6AI score
Exploits0References1
FreeBSD
FreeBSD
added 2017/07/05 12:0 a.m.33 views

Cacti -- Cross-site scripting (XSS) vulnerability in link.php

kimiizhang reports: Cross-site scripting XSS vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter...

5.4CVSS5.8AI score0.00637EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2017/06/29 12:0 a.m.32 views

libgcrypt -- side-channel attack on RSA secret keys

GnuPG reports: Mitigate a flush+reload side-channel attack on RSA secret keys dubbed "Sliding right into disaster"...

6.8CVSS2.4AI score0.03885EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/04/13 12:0 a.m.32 views

heimdal -- bypass of capath policy

Viktor Dukhovni reports: Commit f469fc6 2010-10-02 inadvertently caused the previous hop realm to not be added to the transit path of issued tickets. This may, in some cases, enable bypass of capath policy in Heimdal versions 1.5 through 7.2. Note, this may break sites that rely on the bug. With...

7.5CVSS7.8AI score0.01759EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/03/23 12:0 a.m.32 views

samba -- symlink race allows access outside share definition

Samba team reports: A time-of-check, time-of-use race condition can allow clients to access non-exported parts of the file system via symlinks...

7.5CVSS7.9AI score0.11091EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2017/02/13 12:0 a.m.32 views

collectd5 -- Denial of service by sending a signed network packet to a server which is not set up to check signatures

marcinguy reports: After sending this payload, collectd seems to be entering endless while loop in packetparse consuming high CPU resources, possibly crash/gets killed after a while...

7.5CVSS1.5AI score0.03997EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/01/09 12:0 a.m.32 views

GnuTLS -- Memory corruption vulnerabilities

The GnuTLS project reports: It was found using the OSS-FUZZ fuzzer infrastructure that decoding a specially crafted OpenPGP certificate could lead to heap and stack overflows. GNUTLS-SA-2017-2 It was found using the OSS-FUZZ fuzzer infrastructure that decoding a specially crafted X.509 certificat...

2.1AI score
Exploits0References3
FreeBSD
FreeBSD
added 2016/11/09 12:0 a.m.32 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 4 security fixes in this release, including: 643948 High CVE-2016-5199: Heap corruption in FFmpeg. Credit to Paul Mehta 658114 High CVE-2016-5200: Out of bounds memory access in V8. Credit to Choongwoo Han 660678 Medium CVE-2016-5201: Info leak in extensions. Credi...

9.1CVSS1AI score0.01561EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/09/08 12:0 a.m.32 views

xen-kernel -- use after free in FIFO event channel code

The Xen Project reports: When the EVTCHNOPinitcontrol operation is called with a bad guest frame number, it takes an error path which frees a control structure without also clearing the corresponding pointer. Certain subsequent operations EVTCHNOPexpandarray or another EVTCHNOPinitcontrol, upon...

7.2CVSS1.1AI score0.00502EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/08/17 12:0 a.m.32 views

gnupg -- attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output

Werner Koch reports: There was a bug in the mixing functions of Libgcrypt's random number generator: An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. This bug exists since 1998 in all GnuPG and Libgcrypt versions...

5.3CVSS2.9AI score0.03597EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/07/26 12:0 a.m.32 views

xen-kernel -- x86: Privilege escalation in PV guests

The Xen Project reports: The PV pagetable code has fast-paths for making updates to pre-existing pagetable entries, to skip expensive re-validation in safe cases e.g. clearing only Access/Dirty bits. The bits considered safe were too broad, and not actually safe. A malicious PV guest administrato...

8.8CVSS1.5AI score0.004EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/06/16 12:0 a.m.32 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 3 security fixes in this release, including: 620742 CVE-2016-1704: Various fixes from internal audits, fuzzing and other initiatives...

8.8CVSS2.6AI score0.01094EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/05/11 12:0 a.m.32 views

p7zip -- heap overflow vulnerability

Cisco Talos reports: An exploitable heap overflow vulnerability exists in the NArchive::NHfs::CHandler::ExtractZlibFile method functionality of 7zip that can lead to arbitrary code execution...

9.3CVSS2.5AI score0.14742EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2016/04/04 12:0 a.m.32 views

cacti -- multiple vulnerabilities

The Cacti Group, Inc. reports: Changelog bug:0002667: Cacti SQL Injection Vulnerability bug:0002673: CVE-2016-3659 - Cacti graphview.php SQL Injection Vulnerability bug:0002656: Authentication using web authentication as a user not in the cacti database allows complete access regression...

8.8CVSS3.2AI score0.02256EPSS
Exploits2References4
FreeBSD
FreeBSD
added 2016/02/11 12:0 a.m.32 views

firefox -- Same-origin-policy violation using Service Workers with plugins

The Mozilla Foundation reports: MFSA 2016-13 Jason Pang of OneSignal reported that service workers intercept responses to plugin network requests made through the browser. Plugins which make security decisions based on the content of network requests can have these decisions subverted if a servic...

8.8CVSS3.4AI score0.01503EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/02/09 12:0 a.m.32 views

pcre -- stack buffer overflow

Philip Hazel reports: PCRE does not validate that handling the ACCEPT verb will occur within the bounds of the cworkspace stack buffer, leading to a stack buffer overflow...

9.8CVSS1.9AI score0.0843EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2016/01/28 12:0 a.m.32 views

phpmyadmin -- XSS vulnerability in normalization page

The phpMyAdmin development team reports: With a crafted table name it is possible to trigger an XSS attack in the database normalization page. We consider this vulnerability to be non-critical. This vulnerability can be triggered only by someone who is logged in to phpMyAdmin, as the usual token...

5.4CVSS3.1AI score0.01269EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/12/24 12:0 a.m.32 views

radicale -- multiple vulnerabilities

Radicale reports: The multifilesystem backend allows access to arbitrary files on all platforms. Prevent regex injection in rights management...

7.9AI score
Exploits0References1
FreeBSD
FreeBSD
added 2015/12/15 12:0 a.m.32 views

kea -- unexpected termination while handling a malformed packet

ISC Support reports: ISC Kea may terminate unexpectedly crash while handling a malformed client packet. Related defects in the kea-dhcp4 and kea-dhcp6 servers can cause the server to crash during option processing if a client sends a malformed packet. An attacker sending a crafted malformed packe...

7.1CVSS6.4AI score0.03706EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/11/15 12:0 a.m.32 views

libpng buffer overflow in png_set_PLTE

libpng reports: CVE for a vulnerability in libpng, all versions, in the pngsetPLTE/pnggetPLTE functions. These functions failed to check for an out-of-range palette when reading or writing PNG files with a bitdepth less than 8. Some applications might read the bit depth from the IHDR chunk and...

7.5CVSS7.8AI score0.10339EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/10/14 12:0 a.m.32 views

wireshark -- Pcapng file parser crash

Wireshark development team reports: The following vulnerability has been fixed. wnpa-sec-2015-30 Pcapng file parser crash. Bug 11455...

4.3CVSS5.8AI score0.03037EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/10/10 12:0 a.m.32 views

p5-HTML-Scrubber -- XSS vulnerability

MITRE reports: Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...

2.6CVSS5.6AI score0.02092EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2015/10/09 12:0 a.m.32 views

optipng -- multiple vulnerabilities

ifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service uninitialized memory read via a crafted GIF file. The bmpreadrows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service invalid memory...

9.3CVSS7.9AI score0.04426EPSS
Exploits2
FreeBSD
FreeBSD
added 2015/08/11 12:0 a.m.32 views

libvpx -- multiple buffer overflows

The Mozilla Project reports: Security researcher Abhishek Arya Inferno of the Google Chrome Security Team used the Address Sanitizer tool to discover two buffer overflow issues in the Libvpx library used for WebM video when decoding a malformed WebM video file. These buffer overflows result in...

10CVSS7.9AI score0.08447EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/08/08 12:0 a.m.32 views

vorbis-tools, opus-tools -- multiple vulnerabilities

Paris Zoumpouloglou reports: I discovered an integer overflow issue in oggenc, related to the number of channels in the input WAV file. The issue triggers an out-of-bounds memory access which causes oggenc to crash. Paris Zoumpouloglou reports: A crafted WAV file with number of channels set to 0...

5CVSS6.1AI score0.03786EPSS
Exploits3References3
FreeBSD
FreeBSD
added 2015/08/05 12:0 a.m.32 views

FreeBSD -- shell injection vulnerability in patch(1)

Problem Description: Due to insufficient sanitization of the input patch stream, it is possible for a patch file to cause patch1 to pass certain ed1 scripts to the ed1 editor, which would run commands. Impact: This issue could be exploited to execute arbitrary commands as the user invoking patch1...

9.3CVSS7.9AI score0.03778EPSS
Exploits0
FreeBSD
FreeBSD
added 2015/07/27 12:0 a.m.32 views

subversion -- multiple vulnerabilities

Subversion reports: CVE-2015-3184: Subversion's modauthzsvn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. CVE-2015-3187: Subversion servers, both httpd and svnserve, will reveal some paths that should be hidden by...

5CVSS8.2AI score0.10607EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/07/21 12:0 a.m.32 views

bind -- denial of service vulnerability

ISC reports: An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit...

7.8CVSS7.7AI score0.91284EPSS
Exploits12References1
FreeBSD
FreeBSD
added 2015/06/22 12:0 a.m.32 views

devel/ipython -- remote execution

Kyle Kelley reports: Summary: JSON error responses from the IPython notebook REST API contained URL parameters and were incorrectly reported as text/html instead of application/json. The error messages included some of these URL params, resulting in a cross site scripting attack. This affects use...

6.1CVSS6.6AI score0.01762EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/06/22 12:0 a.m.32 views

www/chromium -- multiple vulnerabilities

Google Chrome Releases reports: 4 security fixes in this release: 464922 High CVE-2015-1266: Scheme validation error in WebUI. Credit to anonymous. 494640 High CVE-2015-1268: Cross-origin bypass in Blink. Credit to Mariusz Mlynski. 497507 Medium CVE-2015-1267: Cross-origin bypass in Blink. Credit...

5CVSS9.2AI score0.02306EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2015/06/09 12:0 a.m.32 views

logstash -- Directory traversal vulnerability in the file output plugin

Elastic reports: An attacker could use the File output plugin with dynamic field references in the path option to traverse paths outside of Logstash directory. This technique could also be used to overwrite any files which can be accessed with permissions associated with Logstash user. This relea...

6.4CVSS6.3AI score0.0303EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2015/05/06 12:0 a.m.32 views

suricata -- TLS/DER Parser Bug (DoS)

OISF Development Team reports: The OISF development team is pleased to announce Suricata 2.0.8. This release fixes a number of issues in the 2.0 series. The most important issue is a bug in the DER parser which is used to decode SSL/TLS certificates could crash Suricata. This issue was reported b...

5CVSS6.2AI score0.01134EPSS
Exploits0References2
Total number of security vulnerabilities5000