Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
•added 2012/02/16 12:0 a.m.•32 views

mozilla -- heap-buffer overflow

The Mozilla Project reports: MFSA 2012-11 libpng integer overflow...

6.8CVSS9AI score0.73164EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2012/02/15 12:0 a.m.•32 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 105803 High CVE-2011-3015: Integer overflows in PDF codecs. Credit to Google Chrome Security Team scarybeasts. 106336 Medium CVE-2011-3016: Read-after-free with counter nodes. Credit to miaubiz. 108695 High CVE-2011-3017: Possible use-after-free in database handlin...

7.5CVSS0.6AI score0.73164EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2011/12/13 12:0 a.m.•32 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 81753 Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to David Holloway of the Chromium development community. 95465 Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team Inferno. 98809 Medium CVE-2011-3906:...

7.5CVSS0.7AI score0.01697EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2011/12/08 12:0 a.m.•32 views

asterisk -- Multiple Vulnerabilities

Asterisk project reports: It is possible to enumerate SIP usernames when the general and user/peer NAT settings differ in whether to respond to the port a request is sent from or the port listed for responses in the Via header. When the "automon" feature is enabled in features.conf, it is possibl...

6.3AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2011/10/18 12:0 a.m.•32 views

Xorg server -- two vulnerabilities in X server lock handling code

Matthieu Herrb reports: It is possible to deduce if a file exists or not by exploiting the way that Xorg creates its lock files. This is caused by the fact that the X server is behaving differently if the lock file already exists as a symbolic link pointing to an existing or non-existing file. It...

6.3AI score
Exploits0
FreeBSD
FreeBSD
•added 2011/05/25 12:0 a.m.•32 views

Unbound -- an empty error packet handling assertion failure

Unbound developer reports: NLnet Labs was notified of an error in Unbound's code-path for error replies which is triggered under special conditions. The error causes the program to abort...

4.3CVSS6.4AI score0.07085EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2010/12/08 12:0 a.m.•32 views

php5 -- Denial of Service in php_date_parse_tzfile()

MITRE CVE team reports: Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service memory consumption by triggering many strtotime function calls, which are not properly handled by the phpdateparsetzfile cache...

5CVSS6.3AI score0.0826EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2010/11/20 12:0 a.m.•32 views

OpenTTD -- Denial of service (server/client) via invalid read

The OpenTTD Team reports: When a client disconnects, without sending the "quit" or "client error" message, the server has a chance of reading and writing a just freed piece of memory. The writing can only happen while the server is sending the map. Depending on what happens directly after freeing...

7.5CVSS6.3AI score0.03668EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2010/09/21 12:0 a.m.•32 views

bzip2 -- integer overflow vulnerability

Secunia reports: A vulnerability has been reported in bzip2, which can be exploited by malicious people to cause a DoS Denial of Service or potentially compromise a vulnerable system. The vulnerability is caused due to an integer overflow in the "BZ2decompress" function in decompress.c and can be...

5.1CVSS6.6AI score0.03297EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2010/05/05 12:0 a.m.•32 views

wireshark -- DOCSIS dissector denial of service

A vulnerability found in the DOCSIS dissector can cause Wireshark to crash when a malformed packet trace file is opened. This means that an attacker will have to trick a victim into opening such a trace file before being able to crash the application...

4.3CVSS6.3AI score0.01705EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2010/04/20 12:0 a.m.•32 views

krb5 -- KDC double free vulnerability

The MIT Kerberos team reports: An authenticated remote attacker can crash the KDC by inducing the KDC to perform a double free. Under some circumstances on some platforms, this could also allow malicious code execution...

4CVSS6.6AI score0.11857EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2010/04/05 12:0 a.m.•32 views

MoinMoin -- cross-site scripting vulnerabilities

The MoinMoin developers reports: Fix XSS in Despam action CVE-2010-0828 Fix XSS issues by escaping template name in messages by fixing other places that had similar issues...

3.5CVSS5.9AI score0.02243EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2009/12/02 12:0 a.m.•32 views

pligg -- Cross-Site Scripting and Cross-Site Request Forgery

secunia reports: Russ McRee has discovered some vulnerabilities in Pligg, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. Input passed via the "Referer" HTTP header to various scripts e.g. admin/adminconfig.php, admin/adminmodules.php,...

6.6AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2009/03/15 12:0 a.m.•32 views

opera -- multiple vulnerabilities

Opera Team reports: An unspecified error in the processing of JPEG images can be exploited to trigger a memory corruption. An error can be exploited to execute arbitrary script code in a different domain via unspecified plugins. An unspecified error has a "moderately severe" impact. No further...

6.9AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2009/03/03 12:0 a.m.•32 views

curl -- cURL/libcURL Location: Redirect URLs Security Bypass

Secunia reports: The security issue is caused due to cURL following HTTP Location: redirects to e.g. scp:// or file:// URLs which can be exploited by a malicious HTTP server to overwrite or disclose the content of arbitrary local files and potentially execute arbitrary commands via specially...

6.8CVSS1AI score0.07812EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2008/12/23 12:0 a.m.•32 views

FreeBSD -- Cross-site request forgery in ftpd(8)

Problem Description: The ftpd8 server splits long commands into several requests. This may result in the server executing a command which is hidden inside another very long command. Impact: This could, with a specifically crafted command, be used in a cross-site request forgery attack. FreeBSD...

7.5CVSS6.8AI score0.04045EPSS
Exploits1
FreeBSD
FreeBSD
•added 2008/11/18 12:0 a.m.•32 views

opera -- multiple vulnerabilities

The Opera Team reports: Manipulating certain text-area contents can cause a buffer overflow, which may be exploited to execute arbitrary code. Certain HTML constructs can cause the resulting DOM to change unexpectedly, which triggers a crash. To inject code, additional techniques will have to be...

9.3CVSS6.8AI score0.31509EPSS
Exploits6References6
FreeBSD
FreeBSD
•added 2008/11/15 12:0 a.m.•32 views

syslog-ng2 -- startup directory leakage in the chroot environment

Florian Grandel reports: I have not had the time to analyze all of syslog-ng code. But by reading the code section near the chroot call and looking at strace results I believe that syslog-ng does not chdir to the chroot jail's location before chrooting into it. This opens up ways to work around t...

9.3CVSS6.6AI score0.022EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2008/11/06 12:0 a.m.•32 views

nagios -- web interface privilege escalation vulnerability

securityfocus reports: An attacker with low-level privileges may exploit this issue to bypass authorization and cause arbitrary commands to run within the context of the Nagios server. This may aid in further attacks...

6.5CVSS6.7AI score0.06738EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2008/10/22 12:0 a.m.•32 views

enscript -- arbitrary code execution vulnerability

Ulf Harnhammar of Secunia Research reports: Stack-based buffer overflow in the readspecialescape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e aka special escapes processing option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafte...

7.6CVSS7.8AI score0.08358EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2008/09/03 12:0 a.m.•32 views

FreeBSD -- nmount(2) local arbitrary code execution

Problem Description: Various user defined input such as mount points, devices, and mount options are prepared and passed as arguments to nmount2 into the kernel. Under certain error conditions, user defined data will be copied into a stack allocated buffer stored in the kernel without sufficient...

6.9CVSS6.2AI score0.01032EPSS
Exploits5
FreeBSD
FreeBSD
•added 2008/07/09 12:0 a.m.•32 views

clamav -- CHM Processing Denial of Service

Hanno Boeck reports: A fuzzing test showed weakness in the chm parser of clamav, which can possibly be exploited. The clamav team has disabled the chm module in older versions though freshclam updates and has released 0.94 with a fixed parser...

5CVSS6.5AI score0.03377EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2008/06/10 12:0 a.m.•32 views

FreeType 2 -- Multiple Vulnerabilities

Secunia reports: An integer overflow error exists in the processing of PFB font files. This can be exploited to cause a heap-based buffer overflow via a PFB file containing a specially crafted "Private" dictionary table. An error in the processing of PFB font files can be exploited to trigger the...

7.5CVSS7.1AI score0.04217EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2008/04/20 12:0 a.m.•32 views

moinmoin -- superuser privilege escalation

MoinMoin team reports: A check in the userform processing was not working as expected and could be abused for ACL and superuser privilege escalation...

6.8CVSS6.5AI score0.01656EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2007/10/25 12:0 a.m.•32 views

linux-realplayer -- multiple vulnerabilities

Secunia reports: Multiple vulnerabilities have been reported in RealPlayer/RealOne/HelixPlayer, which can be exploited by malicious people to compromise a user's system. An input validation error when processing .RA/.RAM files can be exploited to cause a heap corruption via a specially crafted...

9.3CVSS8AI score0.36069EPSS
Exploits6References6
FreeBSD
FreeBSD
•added 2007/09/19 12:0 a.m.•32 views

ImageMagick -- multiple vulnerabilities

Multiple vulnerabilities have been discovered in ImageMagick. ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers 1 an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or 2 an infinite...

9.3CVSS7.7AI score0.03819EPSS
Exploits4References1
FreeBSD
FreeBSD
•added 2007/04/26 12:0 a.m.•32 views

FreeBSD -- IPv6 Routing Header 0 is dangerous

Problem Description There is no mechanism for preventing IPv6 routing headers from being used to route packets over the same links many times. Impact An attacker can "amplify" a denial of service attack against a link between two vulnerable hosts; that is, by sending a small volume of traffic the...

7.8CVSS6.2AI score0.05035EPSS
Exploits0
FreeBSD
FreeBSD
•added 2007/04/02 12:0 a.m.•32 views

claws-mail -- APOP vulnerability

CVE reports: The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions...

2.6CVSS6.6AI score0.02423EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2007/03/09 12:0 a.m.•32 views

ktorrent -- multiple vulnerabilities

Two problems have been found in KTorrent: KTorrent does not properly sanitize file names to filter out ".." components, so it's possible for an attacker to create a malicious torrent in order to overwrite arbitrary files within the filesystem. Messages with invalid chunk indexes aren't rejected...

7.5CVSS6.7AI score0.02483EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2007/03/04 12:0 a.m.•32 views

WebCalendar -- "noSet" variable overwrite vulnerability

Secunia reports: A vulnerability has been discovered in WebCalendar, which can be exploited by malicious people to compromise a vulnerable system. Input passed to unspecified parameters is not properly verified before being used with the "noSet" parameter set. This can be exploited to overwrite...

7.5CVSS6.6AI score0.02144EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2006/12/12 12:0 a.m.•32 views

dbus -- match_rule_equal() Weakness

Secunia reports: D-Bus have a weakness, which can be exploited by malicious, local users to cause a DoS Denial of Service. An error within the "matchruleequal" function can be exploited to disable the ability of other processes to receive messages by removing their matches from D-Bus...

1.7CVSS5.7AI score0.00364EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2006/11/21 12:0 a.m.•32 views

gtar -- GNUTYPE_NAMES directory traversal vulnerability

Teemu Salmela reports: There is a tar record type, called GNUTYPENAMES an obsolete GNU extension, that allows the creation of symbolic links pointing to arbitrary locations in the filesystem, which makes it possible to create/overwrite arbitrary files...

4CVSS7.4AI score0.11084EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2006/11/14 12:0 a.m.•32 views

ImageMagick -- SGI Image File heap overflow vulnerability

SecurityFocus reports about ImageMagick: ImageMagick is prone to a remote heap-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Exploiting this issue allows attackers to execu...

9.3CVSS6.6AI score0.02654EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2006/09/13 12:0 a.m.•32 views

punbb -- NULL byte injection vulnerability

CVE Mitre reports: PunBB 1.2.12 does not properly handle an avatar directory pathname ending in %00, which allows remote authenticated administrative users to upload arbitrary files and execute code, as demonstrated by a query to adminoptions.php with an avatarsdir parameter ending in %00. NOTE:...

3.6CVSS6.6AI score0.02248EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2006/09/12 12:0 a.m.•32 views

linux-flashplugin7 -- arbitrary code execution vulnerabilities

Adobe reports: Multiple input validation errors have been identified in Flash Player 8.0.24.0 and earlier versions that could lead to the potential execution of arbitrary code. These vulnerabilities could be accessed through content delivered from a remote location via the user?s web browser, ema...

6.8CVSS7AI score0.16606EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2006/09/08 12:0 a.m.•32 views

gnutls -- RSA Signature Forgery Vulnerability

Secunia reports: A vulnerability has been reported in GnuTLS, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the verification of certain signatures. If a RSA key with exponent 3 is used, it may be possible to forg...

5CVSS6.8AI score0.02427EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2006/06/19 12:0 a.m.•32 views

mambo -- SQL injection vulnerabilities

The Team Mambo reports that two SQL injection vulnerabilities have been found in Mambo. The vulnerabilities exists due to missing sanitation of the title and catid parameters in the weblinks.php page and can lead to execution of arbitrary SQL code...

7.6CVSS7.5AI score0.05527EPSS
Exploits4References5
FreeBSD
FreeBSD
•added 2006/05/01 12:0 a.m.•32 views

clamav -- Freshclam HTTP Header Buffer Overflow Vulnerability

Secunia reports: A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS Denial of Service and potentially to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the HTTP client in the Freshclam command line...

5.1CVSS6.8AI score0.0581EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2006/04/18 12:0 a.m.•32 views

xine -- multiple remote string vulnerabilities

c0ntexb reports: There are 2 format string bugs in the latest version of Xine that could be exploited by a malicious person to execute code on the system of a remote user running the media player against a malicious playlist file. By passing a format specifier in the path of a file that is embedd...

7.5CVSS6.7AI score0.14259EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2006/03/29 12:0 a.m.•32 views

mplayer -- Multiple integer overflows

Secunia reports: The vulnerabilities are caused due to integer overflow errors in "libmpdemux/asfheader.c" within the handling of an ASF file, and in "libmpdemux/aviheader.c" when parsing the "indx" chunk in an AVI file. This can be exploited to cause heap-based buffer overflows via a malicious A...

5.1CVSS6.6AI score0.03443EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2006/03/27 12:0 a.m.•32 views

mediawiki -- cross site scripting vulnerability

The mediawiki development team reports that there is an site scripting vulnerability within mediawiki. The vulnerability is caused by improper checking of encoded links which could allow the injection of html in the output generated by mediawiki. This could lead to cross site scripting attacks...

4.3CVSS6.3AI score0.01749EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2006/01/11 12:0 a.m.•32 views

ipfw -- IP fragment denial of service

Problem description: The firewall maintains a pointer to layer 4 header information in the event that it needs to send a TCP reset or ICMP error message to discard packets. Due to incorrect handling of IP fragments, this pointer fails to get initialized. Impact: An attacker can cause the firewall...

5.3CVSS6.2AI score0.03228EPSS
Exploits0
FreeBSD
FreeBSD
•added 2005/10/31 12:0 a.m.•32 views

openvpn -- arbitrary code execution on client through malicious or compromised server

James Yonan reports: A format string vulnerability in the foreignoption function in options.c could potentially allow a malicious or compromised server to execute arbitrary code on the client. Only non-Windows clients are affected. The vulnerability only exists if a the client's TLS negotiation...

7.5CVSS7.2AI score0.03478EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2005/10/26 12:0 a.m.•32 views

mantis -- "t_core_path" file inclusion vulnerability

Secunia Research reports: Input passed to the "tcorepath" parameter in "bugsponsorshiplistviewinc.php" isn't properly verified, before it used to include files. This can be exploited to include arbitrary files from external and local resources...

7.5CVSS6.6AI score0.06619EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2005/10/23 12:0 a.m.•32 views

bogofilter -- heap corruption through excessively long words

Matthias Andree reports: Bogofilter's/bogolexer's input handling in version 0.96.2 was not keeping track of its output buffers properly and could overrun a heap buffer if the input contained words whose length exceeded 16,384 bytes, the size of flex's input buffer. A "word" here refers to a...

7.5CVSS6.5AI score0.04637EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/10/11 12:0 a.m.•32 views

openssl -- potential SSL 2.0 rollback

Vulnerability: Such applications are affected if they use the option SSLOPMSIESSLV2RSAPADDING. This option is implied by use of SSLOPALL, which is intended to work around various bugs in third-party software that might prevent interoperability. The SSLOPMSIESSLV2RSAPADDING option disables a...

5CVSS5.9AI score0.04866EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/10/08 12:0 a.m.•32 views

libxine -- format string vulnerability

Gentoo Linux Security Advisory reports: Ulf Harnhammar discovered a format string bug in the routines handling CDDB server response contents. An attacker could submit malicious information about an audio CD to a public CDDB server or impersonate a public CDDB server. When the victim plays this CD...

7.5CVSS6.2AI score0.09676EPSS
Exploits2References2
FreeBSD
FreeBSD
•added 2005/10/05 12:0 a.m.•32 views

xloadimage -- buffer overflows in NIFF image title handling

Ariel Berkman reports: Unlike most of the supported image formats in xloadimage, the NIFF image format can store a title name of arbitrary length as part of the image file. When xloadimage is processing a loaded image, it is creating a new Image object and then writing the processed image to it. ...

5.1CVSS6.4AI score0.04159EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/09/09 12:0 a.m.•32 views

freeradius -- multiple vulnerabilities

The freeradious development team reports: Multiple issues exist with version 1.0.4, and all prior versions of the server. Externally exploitable vulnerabilities exist only for sites that use the rlmsqlcounter module. Those sites may be vulnerable to SQL injection attacks, similar to the issues...

6.4CVSS8AI score0.04381EPSS
Exploits0
FreeBSD
FreeBSD
•added 2005/08/01 12:0 a.m.•32 views

pcre -- regular expression buffer overflow

The pcre library is vulnerable to a buffer overflow vulnerability due to insufficient validation of quantifier values. This could lead execution of arbitrary code with the permissions of the program using pcre by way of a specially crated regular expression...

7.5CVSS7.2AI score0.04344EPSS
Exploits0References1
Total number of security vulnerabilities5000