Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
added 2013/10/01 12:0 a.m.32 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 50 security fixes in this release, including: 223962270758271161284785284786 Medium CVE-2013-2906: Races in Web Audio. Credit to Atte Kettunen of OUSPG. 260667 Medium CVE-2013-2907: Out of bounds read in Window.prototype object. Credit to Boris Zbarsky. 265221 Medi...

7.5CVSS0.7AI score0.02531EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2013/06/18 12:0 a.m.32 views

FreeBSD -- Privilege escalation via mmap

Due to insufficient permission checks in the virtual memory system, a tracing process such as a debugger may be able to modify portions of the traced process's address space to which the traced process itself does not have write access...

6.9CVSS6.3AI score0.06942EPSS
Exploits10
FreeBSD
FreeBSD
added 2013/05/14 12:0 a.m.32 views

ruby -- Object taint bypassing in DL and Fiddle in Ruby

Ruby Developers report: There is a vulnerability in DL and Fiddle in Ruby where tainted strings can be used by system calls regardless of the $SAFE level set in Ruby. Native functions exposed to Ruby with DL or Fiddle do not check the taint values set on the objects passed in. This can result in...

6.4CVSS5.8AI score0.0251EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2013/04/24 12:0 a.m.32 views

Joomla! -- XXS and DDoS vulnerabilities

The JSST and the Joomla! Security Center report: 20130405 - Core - XSS Vulnerability Inadequate filtering leads to XSS vulnerability in Voting plugin. 20130403 - Core - XSS Vulnerability Inadequate filtering allows possibility of XSS exploit in some circumstances. 20130402 - Core - Information...

5.5CVSS5.8AI score0.04848EPSS
Exploits6References1
FreeBSD
FreeBSD
added 2013/03/13 12:0 a.m.32 views

puppet26 -- multiple vulnerabilities

Moses Mendoza reports: A vulnerability found in Puppet could allow an authenticated client to cause the master to execute arbitrary code while responding to a catalog request. Specifically, in order to exploit the vulnerability, the puppet master must be made to invoke the 'template' or...

9CVSS7.4AI score0.04927EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2013/02/26 12:0 a.m.32 views

linux-flashplugin -- multiple vulnerabilities

Adobe reports: These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system...

10CVSS6.5AI score0.11094EPSS
Exploits1
FreeBSD
FreeBSD
added 2012/05/31 12:0 a.m.32 views

libjpeg-turbo -- heap-based buffer overflow

The Changelog for version 1.2.1 says: Fixed a regression caused by 1.2.06 in which decompressing corrupt JPEG images specifically, images in which the component count was erroneously set to a large value would cause libjpeg-turbo to segfault. A Heap-based buffer overflow was found in the way...

8.8CVSS8.2AI score0.04765EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2012/05/08 12:0 a.m.32 views

rssh -- arbitrary command execution

Derek Martin rssh maintainer reports: Henrik Erkkonen has discovered that, through clever manipulation of environment variables on the ssh command line, it is possible to circumvent rssh. As far as I can tell, there is no way to effect a root compromise, except of course if the root account is th...

2.1CVSS6.4AI score0.00388EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2012/03/20 12:0 a.m.32 views

libtasn1 -- ASN.1 length decoding vulnerability

Mu Dynamics, Inc. reports: Various functions using the ASN.1 length decoding logic in Libtasn1 were incorrectly assuming that the return value from asn1getlengthder is always less than the length of the enclosing ASN.1 structure, which is only true for valid structures and not for intentionally...

5CVSS8.8AI score0.0446EPSS
Exploits1
FreeBSD
FreeBSD
added 2012/03/10 12:0 a.m.32 views

chromium -- Errant plug-in load and GPU process memory corruption

Google Chrome Releases reports: 117620 117656 Critical CVE-2011-3047: Errant plug-in load and GPU process memory corruption. Credit to PinkiePie...

9.3CVSS1.9AI score0.03382EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2012/02/22 12:0 a.m.32 views

bugzilla Cross-Site Request Forgery

A Bugzilla Security Advisory reports: The following security issues have been discovered in Bugzilla: Due to a lack of validation of the enctype form attribute when making POST requests to xmlrpc.cgi, a possible CSRF vulnerability was discovered. If a user visits an HTML page with some malicious...

5.1CVSS6.5AI score0.00826EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2012/02/22 12:0 a.m.32 views

dropbear -- arbitrary code execution

The Dropbear project reports: Dropbear SSH Server could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after- free error. If a command restriction is enforced, an attacker could exploit this vulnerability to execute arbitrary code on the system with...

7.1CVSS9.5AI score0.06489EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2012/02/16 12:0 a.m.32 views

mozilla -- heap-buffer overflow

The Mozilla Project reports: MFSA 2012-11 libpng integer overflow...

6.8CVSS9AI score0.73164EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2012/02/15 12:0 a.m.32 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 105803 High CVE-2011-3015: Integer overflows in PDF codecs. Credit to Google Chrome Security Team scarybeasts. 106336 Medium CVE-2011-3016: Read-after-free with counter nodes. Credit to miaubiz. 108695 High CVE-2011-3017: Possible use-after-free in database handlin...

7.5CVSS0.6AI score0.73164EPSS
Exploits5References1
FreeBSD
FreeBSD
added 2011/12/13 12:0 a.m.32 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 81753 Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to David Holloway of the Chromium development community. 95465 Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team Inferno. 98809 Medium CVE-2011-3906:...

7.5CVSS0.7AI score0.01697EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2011/12/08 12:0 a.m.32 views

asterisk -- Multiple Vulnerabilities

Asterisk project reports: It is possible to enumerate SIP usernames when the general and user/peer NAT settings differ in whether to respond to the port a request is sent from or the port listed for responses in the Via header. When the "automon" feature is enabled in features.conf, it is possibl...

6.3AI score
Exploits0References2
FreeBSD
FreeBSD
added 2011/10/18 12:0 a.m.32 views

Xorg server -- two vulnerabilities in X server lock handling code

Matthieu Herrb reports: It is possible to deduce if a file exists or not by exploiting the way that Xorg creates its lock files. This is caused by the fact that the X server is behaving differently if the lock file already exists as a symbolic link pointing to an existing or non-existing file. It...

6.3AI score
Exploits0
FreeBSD
FreeBSD
added 2011/05/25 12:0 a.m.32 views

Unbound -- an empty error packet handling assertion failure

Unbound developer reports: NLnet Labs was notified of an error in Unbound's code-path for error replies which is triggered under special conditions. The error causes the program to abort...

4.3CVSS6.4AI score0.07085EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2010/12/15 12:0 a.m.32 views

Drupal Views plugin -- cross-site scripting

Drupal security team reports: The Views module provides a flexible method for Drupal site designers to control how lists and tables of content are presented. Under certain circumstances, Views could display parts of the page path without escaping, resulting in a relected Cross Site Scripting XSS...

4.3CVSS6AI score0.01859EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2010/12/08 12:0 a.m.32 views

php5 -- Denial of Service in php_date_parse_tzfile()

MITRE CVE team reports: Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service memory consumption by triggering many strtotime function calls, which are not properly handled by the phpdateparsetzfile cache...

5CVSS6.3AI score0.0826EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2010/11/20 12:0 a.m.32 views

OpenTTD -- Denial of service (server/client) via invalid read

The OpenTTD Team reports: When a client disconnects, without sending the "quit" or "client error" message, the server has a chance of reading and writing a just freed piece of memory. The writing can only happen while the server is sending the map. Depending on what happens directly after freeing...

7.5CVSS6.3AI score0.03668EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2010/09/21 12:0 a.m.32 views

bzip2 -- integer overflow vulnerability

Secunia reports: A vulnerability has been reported in bzip2, which can be exploited by malicious people to cause a DoS Denial of Service or potentially compromise a vulnerable system. The vulnerability is caused due to an integer overflow in the "BZ2decompress" function in decompress.c and can be...

5.1CVSS6.6AI score0.03297EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2010/05/05 12:0 a.m.32 views

wireshark -- DOCSIS dissector denial of service

A vulnerability found in the DOCSIS dissector can cause Wireshark to crash when a malformed packet trace file is opened. This means that an attacker will have to trick a victim into opening such a trace file before being able to crash the application...

4.3CVSS6.3AI score0.01705EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2010/04/20 12:0 a.m.32 views

krb5 -- KDC double free vulnerability

The MIT Kerberos team reports: An authenticated remote attacker can crash the KDC by inducing the KDC to perform a double free. Under some circumstances on some platforms, this could also allow malicious code execution...

4CVSS6.6AI score0.11857EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2010/04/05 12:0 a.m.32 views

MoinMoin -- cross-site scripting vulnerabilities

The MoinMoin developers reports: Fix XSS in Despam action CVE-2010-0828 Fix XSS issues by escaping template name in messages by fixing other places that had similar issues...

3.5CVSS5.9AI score0.02243EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2009/12/02 12:0 a.m.32 views

pligg -- Cross-Site Scripting and Cross-Site Request Forgery

secunia reports: Russ McRee has discovered some vulnerabilities in Pligg, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. Input passed via the "Referer" HTTP header to various scripts e.g. admin/adminconfig.php, admin/adminmodules.php,...

6.6AI score
Exploits0References2
FreeBSD
FreeBSD
added 2009/03/15 12:0 a.m.32 views

opera -- multiple vulnerabilities

Opera Team reports: An unspecified error in the processing of JPEG images can be exploited to trigger a memory corruption. An error can be exploited to execute arbitrary script code in a different domain via unspecified plugins. An unspecified error has a "moderately severe" impact. No further...

6.9AI score
Exploits0References2
FreeBSD
FreeBSD
added 2009/03/03 12:0 a.m.32 views

curl -- cURL/libcURL Location: Redirect URLs Security Bypass

Secunia reports: The security issue is caused due to cURL following HTTP Location: redirects to e.g. scp:// or file:// URLs which can be exploited by a malicious HTTP server to overwrite or disclose the content of arbitrary local files and potentially execute arbitrary commands via specially...

6.8CVSS1AI score0.07812EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2008/12/23 12:0 a.m.32 views

FreeBSD -- Cross-site request forgery in ftpd(8)

Problem Description: The ftpd8 server splits long commands into several requests. This may result in the server executing a command which is hidden inside another very long command. Impact: This could, with a specifically crafted command, be used in a cross-site request forgery attack. FreeBSD...

7.5CVSS6.8AI score0.04045EPSS
Exploits1
FreeBSD
FreeBSD
added 2008/11/18 12:0 a.m.32 views

opera -- multiple vulnerabilities

The Opera Team reports: Manipulating certain text-area contents can cause a buffer overflow, which may be exploited to execute arbitrary code. Certain HTML constructs can cause the resulting DOM to change unexpectedly, which triggers a crash. To inject code, additional techniques will have to be...

9.3CVSS6.8AI score0.31509EPSS
Exploits6References6
FreeBSD
FreeBSD
added 2008/11/15 12:0 a.m.32 views

syslog-ng2 -- startup directory leakage in the chroot environment

Florian Grandel reports: I have not had the time to analyze all of syslog-ng code. But by reading the code section near the chroot call and looking at strace results I believe that syslog-ng does not chdir to the chroot jail's location before chrooting into it. This opens up ways to work around t...

9.3CVSS6.6AI score0.022EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2008/11/06 12:0 a.m.32 views

nagios -- web interface privilege escalation vulnerability

securityfocus reports: An attacker with low-level privileges may exploit this issue to bypass authorization and cause arbitrary commands to run within the context of the Nagios server. This may aid in further attacks...

6.5CVSS6.7AI score0.06738EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2008/10/22 12:0 a.m.32 views

enscript -- arbitrary code execution vulnerability

Ulf Harnhammar of Secunia Research reports: Stack-based buffer overflow in the readspecialescape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e aka special escapes processing option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafte...

7.6CVSS7.8AI score0.08358EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2008/09/03 12:0 a.m.32 views

FreeBSD -- nmount(2) local arbitrary code execution

Problem Description: Various user defined input such as mount points, devices, and mount options are prepared and passed as arguments to nmount2 into the kernel. Under certain error conditions, user defined data will be copied into a stack allocated buffer stored in the kernel without sufficient...

6.9CVSS6.2AI score0.01032EPSS
Exploits5
FreeBSD
FreeBSD
added 2008/07/09 12:0 a.m.32 views

clamav -- CHM Processing Denial of Service

Hanno Boeck reports: A fuzzing test showed weakness in the chm parser of clamav, which can possibly be exploited. The clamav team has disabled the chm module in older versions though freshclam updates and has released 0.94 with a fixed parser...

5CVSS6.5AI score0.03377EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2008/06/10 12:0 a.m.32 views

FreeType 2 -- Multiple Vulnerabilities

Secunia reports: An integer overflow error exists in the processing of PFB font files. This can be exploited to cause a heap-based buffer overflow via a PFB file containing a specially crafted "Private" dictionary table. An error in the processing of PFB font files can be exploited to trigger the...

7.5CVSS7.1AI score0.04217EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2008/04/20 12:0 a.m.32 views

moinmoin -- superuser privilege escalation

MoinMoin team reports: A check in the userform processing was not working as expected and could be abused for ACL and superuser privilege escalation...

6.8CVSS6.5AI score0.01656EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2008/04/10 12:0 a.m.32 views

openfire -- unspecified denial of service

Secunia reports: A vulnerability has been reported in Openfire, which can be exploited by malicious people to cause a Denial of Service. The vulnerability is caused due to an unspecified error and can be exploited to cause a Denial of Service...

4CVSS6.3AI score0.01657EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2007/12/21 12:0 a.m.32 views

dovecot -- Specific LDAP + auth cache configuration may mix up user logins

Dovecot reports: If two users with the same password and same passfilter variables log in within authcachettl seconds 1h by default, the second user may get logged in with the first user's cached passattrs. For example if passattrs contained the user's home/mail directory, this would mean that th...

2.3AI score
Exploits0References1
FreeBSD
FreeBSD
added 2007/10/25 12:0 a.m.32 views

linux-realplayer -- multiple vulnerabilities

Secunia reports: Multiple vulnerabilities have been reported in RealPlayer/RealOne/HelixPlayer, which can be exploited by malicious people to compromise a user's system. An input validation error when processing .RA/.RAM files can be exploited to cause a heap corruption via a specially crafted...

9.3CVSS8AI score0.36069EPSS
Exploits6References6
FreeBSD
FreeBSD
added 2007/09/19 12:0 a.m.32 views

ImageMagick -- multiple vulnerabilities

Multiple vulnerabilities have been discovered in ImageMagick. ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers 1 an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or 2 an infinite...

9.3CVSS7.7AI score0.03819EPSS
Exploits4References1
FreeBSD
FreeBSD
added 2007/04/26 12:0 a.m.32 views

FreeBSD -- IPv6 Routing Header 0 is dangerous

Problem Description There is no mechanism for preventing IPv6 routing headers from being used to route packets over the same links many times. Impact An attacker can "amplify" a denial of service attack against a link between two vulnerable hosts; that is, by sending a small volume of traffic the...

7.8CVSS6.2AI score0.05035EPSS
Exploits0
FreeBSD
FreeBSD
added 2007/04/02 12:0 a.m.32 views

claws-mail -- APOP vulnerability

CVE reports: The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions...

2.6CVSS6.6AI score0.02423EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2007/03/09 12:0 a.m.32 views

ktorrent -- multiple vulnerabilities

Two problems have been found in KTorrent: KTorrent does not properly sanitize file names to filter out ".." components, so it's possible for an attacker to create a malicious torrent in order to overwrite arbitrary files within the filesystem. Messages with invalid chunk indexes aren't rejected...

7.5CVSS6.7AI score0.02483EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2007/03/04 12:0 a.m.32 views

WebCalendar -- "noSet" variable overwrite vulnerability

Secunia reports: A vulnerability has been discovered in WebCalendar, which can be exploited by malicious people to compromise a vulnerable system. Input passed to unspecified parameters is not properly verified before being used with the "noSet" parameter set. This can be exploited to overwrite...

7.5CVSS6.6AI score0.02144EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2006/12/12 12:0 a.m.32 views

dbus -- match_rule_equal() Weakness

Secunia reports: D-Bus have a weakness, which can be exploited by malicious, local users to cause a DoS Denial of Service. An error within the "matchruleequal" function can be exploited to disable the ability of other processes to receive messages by removing their matches from D-Bus...

1.7CVSS5.7AI score0.00364EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2006/11/21 12:0 a.m.32 views

gtar -- GNUTYPE_NAMES directory traversal vulnerability

Teemu Salmela reports: There is a tar record type, called GNUTYPENAMES an obsolete GNU extension, that allows the creation of symbolic links pointing to arbitrary locations in the filesystem, which makes it possible to create/overwrite arbitrary files...

4CVSS7.4AI score0.11084EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2006/11/14 12:0 a.m.32 views

ImageMagick -- SGI Image File heap overflow vulnerability

SecurityFocus reports about ImageMagick: ImageMagick is prone to a remote heap-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Exploiting this issue allows attackers to execu...

9.3CVSS6.6AI score0.02654EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2006/09/13 12:0 a.m.32 views

punbb -- NULL byte injection vulnerability

CVE Mitre reports: PunBB 1.2.12 does not properly handle an avatar directory pathname ending in %00, which allows remote authenticated administrative users to upload arbitrary files and execute code, as demonstrated by a query to adminoptions.php with an avatarsdir parameter ending in %00. NOTE:...

3.6CVSS6.6AI score0.02248EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2006/09/12 12:0 a.m.32 views

linux-flashplugin7 -- arbitrary code execution vulnerabilities

Adobe reports: Multiple input validation errors have been identified in Flash Player 8.0.24.0 and earlier versions that could lead to the potential execution of arbitrary code. These vulnerabilities could be accessed through content delivered from a remote location via the user?s web browser, ema...

6.8CVSS7AI score0.16606EPSS
Exploits1References1
Total number of security vulnerabilities5000