Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
added 2006/09/12 12:0 a.m.32 views

linux-flashplugin7 -- arbitrary code execution vulnerabilities

Adobe reports: Multiple input validation errors have been identified in Flash Player 8.0.24.0 and earlier versions that could lead to the potential execution of arbitrary code. These vulnerabilities could be accessed through content delivered from a remote location via the user?s web browser, ema...

6.8CVSS7AI score0.16606EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2006/09/08 12:0 a.m.32 views

gnutls -- RSA Signature Forgery Vulnerability

Secunia reports: A vulnerability has been reported in GnuTLS, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the verification of certain signatures. If a RSA key with exponent 3 is used, it may be possible to forg...

5CVSS6.8AI score0.02427EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2006/06/19 12:0 a.m.32 views

mambo -- SQL injection vulnerabilities

The Team Mambo reports that two SQL injection vulnerabilities have been found in Mambo. The vulnerabilities exists due to missing sanitation of the title and catid parameters in the weblinks.php page and can lead to execution of arbitrary SQL code...

7.6CVSS7.5AI score0.05527EPSS
Exploits4References5
FreeBSD
FreeBSD
added 2006/05/01 12:0 a.m.32 views

clamav -- Freshclam HTTP Header Buffer Overflow Vulnerability

Secunia reports: A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS Denial of Service and potentially to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the HTTP client in the Freshclam command line...

5.1CVSS6.8AI score0.0581EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2006/04/18 12:0 a.m.32 views

xine -- multiple remote string vulnerabilities

c0ntexb reports: There are 2 format string bugs in the latest version of Xine that could be exploited by a malicious person to execute code on the system of a remote user running the media player against a malicious playlist file. By passing a format specifier in the path of a file that is embedd...

7.5CVSS6.7AI score0.14259EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2006/03/29 12:0 a.m.32 views

mplayer -- Multiple integer overflows

Secunia reports: The vulnerabilities are caused due to integer overflow errors in "libmpdemux/asfheader.c" within the handling of an ASF file, and in "libmpdemux/aviheader.c" when parsing the "indx" chunk in an AVI file. This can be exploited to cause heap-based buffer overflows via a malicious A...

5.1CVSS6.6AI score0.03443EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2006/03/27 12:0 a.m.32 views

mediawiki -- cross site scripting vulnerability

The mediawiki development team reports that there is an site scripting vulnerability within mediawiki. The vulnerability is caused by improper checking of encoded links which could allow the injection of html in the output generated by mediawiki. This could lead to cross site scripting attacks...

4.3CVSS6.3AI score0.01749EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2006/01/11 12:0 a.m.32 views

ipfw -- IP fragment denial of service

Problem description: The firewall maintains a pointer to layer 4 header information in the event that it needs to send a TCP reset or ICMP error message to discard packets. Due to incorrect handling of IP fragments, this pointer fails to get initialized. Impact: An attacker can cause the firewall...

5.3CVSS6.2AI score0.03228EPSS
Exploits0
FreeBSD
FreeBSD
added 2005/10/31 12:0 a.m.32 views

openvpn -- arbitrary code execution on client through malicious or compromised server

James Yonan reports: A format string vulnerability in the foreignoption function in options.c could potentially allow a malicious or compromised server to execute arbitrary code on the client. Only non-Windows clients are affected. The vulnerability only exists if a the client's TLS negotiation...

7.5CVSS7.2AI score0.03478EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2005/10/26 12:0 a.m.32 views

mantis -- "t_core_path" file inclusion vulnerability

Secunia Research reports: Input passed to the "tcorepath" parameter in "bugsponsorshiplistviewinc.php" isn't properly verified, before it used to include files. This can be exploited to include arbitrary files from external and local resources...

7.5CVSS6.6AI score0.06619EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2005/10/23 12:0 a.m.32 views

bogofilter -- heap corruption through excessively long words

Matthias Andree reports: Bogofilter's/bogolexer's input handling in version 0.96.2 was not keeping track of its output buffers properly and could overrun a heap buffer if the input contained words whose length exceeded 16,384 bytes, the size of flex's input buffer. A "word" here refers to a...

7.5CVSS6.5AI score0.04637EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/10/11 12:0 a.m.32 views

openssl -- potential SSL 2.0 rollback

Vulnerability: Such applications are affected if they use the option SSLOPMSIESSLV2RSAPADDING. This option is implied by use of SSLOPALL, which is intended to work around various bugs in third-party software that might prevent interoperability. The SSLOPMSIESSLV2RSAPADDING option disables a...

5CVSS5.9AI score0.04866EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/10/08 12:0 a.m.32 views

libxine -- format string vulnerability

Gentoo Linux Security Advisory reports: Ulf Harnhammar discovered a format string bug in the routines handling CDDB server response contents. An attacker could submit malicious information about an audio CD to a public CDDB server or impersonate a public CDDB server. When the victim plays this CD...

7.5CVSS6.2AI score0.09676EPSS
Exploits2References2
FreeBSD
FreeBSD
added 2005/10/05 12:0 a.m.32 views

xloadimage -- buffer overflows in NIFF image title handling

Ariel Berkman reports: Unlike most of the supported image formats in xloadimage, the NIFF image format can store a title name of arbitrary length as part of the image file. When xloadimage is processing a loaded image, it is creating a new Image object and then writing the processed image to it. ...

5.1CVSS6.4AI score0.04159EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/09/09 12:0 a.m.32 views

freeradius -- multiple vulnerabilities

The freeradious development team reports: Multiple issues exist with version 1.0.4, and all prior versions of the server. Externally exploitable vulnerabilities exist only for sites that use the rlmsqlcounter module. Those sites may be vulnerable to SQL injection attacks, similar to the issues...

6.4CVSS8AI score0.04381EPSS
Exploits0
FreeBSD
FreeBSD
added 2005/08/01 12:0 a.m.32 views

pcre -- regular expression buffer overflow

The pcre library is vulnerable to a buffer overflow vulnerability due to insufficient validation of quantifier values. This could lead execution of arbitrary code with the permissions of the program using pcre by way of a specially crated regular expression...

7.5CVSS7.2AI score0.04344EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/07/27 12:0 a.m.32 views

openvpn -- denial of service: undecryptable packet from authorized client can disconnect unrelated clients

James Yonan reports: If the client sends a packet which fails to decrypt on the server, the OpenSSL error queue is not properly flushed, which can result in another unrelated client instance on the server seeing the error and responding to it, resulting in disconnection of the unrelated client...

5CVSS6.3AI score0.02738EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/07/21 12:0 a.m.32 views

squid -- Denial Of Service Vulnerability in sslConnectTimeout

The squid patches page notes: After certain slightly odd requests Squid crashes with a segmentation fault in sslConnectTimeout...

5CVSS6.5AI score0.07829EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2005/07/21 12:0 a.m.32 views

libgadu -- multiple vulnerabilities

Wojtek Kaniewski reports: Multiple vulnerabilities have been found in libgadu, a library for handling Gadu-Gadu instant messaging protocol. It is a part of ekg, a Gadu-Gadu client, but is widely used in other clients. Also some of the user contributed scripts were found to behave in an insecure...

10CVSS7.8AI score0.04703EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2005/05/10 12:0 a.m.32 views

tiff -- buffer overflow vulnerability

A Gentoo Linux Security Advisory reports: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a stack based buffer overflow in the libTIFF library when reading a TIFF image with a malformed BitsPerSample tag. Successful exploitation would require the victim to open a specially crafte...

7.5CVSS6.9AI score0.14394EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2005/05/10 12:0 a.m.32 views

gaim -- MSN remote DoS vulnerability

The GAIM team reports: Potential remote denial of service bug resulting from not checking a pointer for non-NULL before passing it to strncmp, which results in a crash. This can be triggered by a remote client sending an SLP message with an empty body...

5CVSS6.3AI score0.01898EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/04/04 12:0 a.m.32 views

gaim -- jabber remote crash

The GAIM team reports: A remote jabber user can cause Gaim to crash by sending a specific file transfer request...

5CVSS6.5AI score0.02505EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2005/04/01 12:0 a.m.32 views

mozilla -- javascript "lambda" replace exposes memory contents

A Mozilla Foundation Security Advisory reports: A bug in javascript's regular expression string replacement when using an anonymous function as the replacement argument allows a malicious script to capture blocks of memory allocated to the browser. A web site could capture data and transmit it to...

5CVSS6.3AI score0.10036EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2005/02/12 12:0 a.m.32 views

lighttpd -- script source disclosure vulnerability

The lighttpd website reports: In lighttpd 1.3.7 and below it is possible to fetch the source files which should be handled by CGI or FastCGI applications. The vulnerability is in the handling of urlencoded trailing NUL bytes. Installations that do not use CGI or FastCGI are not affected...

5CVSS6.4AI score0.01716EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2005/02/03 12:0 a.m.32 views

squid -- DoS on failed PUT/POST requests vulnerability

The squid patches page notes: An inconsistent state is entered on a failed PUT/POST request making a high risk for segmentation faults or other strange errors...

5CVSS6.4AI score0.12534EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2005/02/01 12:0 a.m.32 views

phpmyadmin -- increased privilege vulnerability

The phpMyAdmin team reports: Escaping of the "" character was not properly done, giving a wildcard privilege when editing db-specific privileges with phpMyAdmin...

4.6CVSS6.6AI score0.00686EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2005/01/28 12:0 a.m.32 views

squid -- buffer overflow in WCCP recvfrom() call

According to the Squid Proxy Cache Security Update Advisory SQUID-2005:3, The WCCP recvfrom call accepts more data than will fit in the allocated buffer. An attacker may send a larger-than-normal WCCP message to Squid and overflow this buffer. Severity: The bug is important because it allows remo...

7.5CVSS6.5AI score0.22152EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2005/01/27 12:0 a.m.32 views

clamav -- zip handling DoS vulnerability

The clamav daemon is vulnerable to a DoS vulnerability due to insufficient handling of malformed zip files which can crash the clamav daemon...

5CVSS6.4AI score0.02547EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/01/12 12:0 a.m.32 views

opera -- "data:" URI handler spoofing vulnerability

A Secunia Advisory reports: Michael Holzt has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to an error in the processing of "data:" URIs, causing wrong information to be shown in a...

5CVSS6.2AI score0.03403EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2005/01/10 12:0 a.m.32 views

squid -- no sanity check of usernames in squid_ldap_auth

The LDAP authentication helper did not strip leading or trailing spaces from the login name. According to the squid patches page: LDAP is very forgiving about spaces in search filters and this could be abused to log in using several variants of the login name, possibly bypassing explicit access...

7.5CVSS6.6AI score0.31942EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2004/12/12 12:0 a.m.32 views

opera -- kfmclient exec command execution vulnerability

Giovanni Delvecchio reports: Opera for linux uses "kfmclient exec" as "Default Application" to handle saved files. This could be used by malicious remote users to execute arbitrary shell commands on a target system...

5CVSS7.1AI score0.12559EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2004/11/25 12:0 a.m.32 views

viewcvs -- information leakage

The hidecvsroot and forbidden configuration options are not properly honored by viewcvs when exporting to a tar file which can lead to information leakage...

5CVSS6.4AI score0.01294EPSS
Exploits0
FreeBSD
FreeBSD
added 2004/11/06 12:0 a.m.32 views

Cyrus IMAPd -- FETCH command out of bounds memory corruption

The argument parser of the fetch command suffers a bug very similiar to the partial command problem. Arguments like "bodyp", "binaryp" or "binaryp" will be wrongly detected and the bufferposition can point outside of the allocated buffer for the rest of the parsing process. When the parser trigge...

10CVSS7.2AI score0.0583EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/09/30 12:0 a.m.32 views

samba -- potential remote DoS vulnerability

Karol Wiesek at iDEFENSE reports: A remote attacker could cause an smbd process to consume abnormal amounts of system resources due to an input validation error when matching filenames containing wildcard characters. Although samba.org classifies this as a DoS vulnerability, several members of th...

5CVSS6.9AI score0.04906EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2004/08/31 12:0 a.m.32 views

imlib2 -- BMP decoder buffer overflow

Marcus Meissner discovered that imlib2's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability. There appears to be both a stack-based and a heap-based buffer overflow that are believed to be exploitable for arbitrary code executio...

5.1CVSS7.3AI score0.0343EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/07/19 12:0 a.m.32 views

Mozilla / Firefox user interface spoofing vulnerability

The Mozilla project's family of browsers contain a design flaw that can allow a website to spoof almost perfectly any part of the Mozilla user interface, including spoofing web sites for phishing or internal elements such as the "Master Password" dialog box. This achieved by manipulating "chrome"...

10CVSS6.4AI score0.03231EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2004/05/17 12:0 a.m.32 views

lha -- numerous vulnerabilities when extracting archives

Source code reviews of lha by Lukasz Wojtow, Thomas Biege, and others uncovered a number of vulnerabilities affecting lha: Buffer overflows when handling archives and filenames. CVE-2004-0694 Possible command execution via shell meta-characters when built with NOMKDIR. CVE-2004-0745 Buffer overfl...

10CVSS7.6AI score0.18827EPSS
Exploits1References4
FreeBSD
FreeBSD
added 2004/05/15 12:0 a.m.32 views

mailman -- password disclosure

Barry Warsaw reports: Today I am releasing Mailman 2.1.5, a bug fix release ... This version also contains a fix for an exploit that could allow 3rd parties to retrieve member passwords. It is thus highly recommended that all existing sites upgrade to the latest version...

5CVSS6.3AI score0.02984EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/04/29 12:0 a.m.32 views

Midnight Commander buffer overflows, format string bugs, and insecure temporary file handling

Jakub Jelinek reports several security related bugs in Midnight Commander, including: Multiple buffer overflows CVE-2004-0226 Insecure temporary file handling CVE-2004-0231 Format string bug CVE-2004-0232...

10CVSS6.7AI score0.03936EPSS
Exploits0
FreeBSD
FreeBSD
added 2003/09/23 12:0 a.m.32 views

ProFTPD ASCII translation bug resulting in remote root compromise

A buffer overflow exists in the ProFTPD code that handles translation of newline characters during ASCII-mode file uploads. An attacker may exploit this buffer overflow by uploading a specially crafted file, resulting in code execution and ultimately a remote root compromise...

9CVSS7AI score0.55119EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2003/08/14 12:0 a.m.32 views

ecartis buffer overflows and input validation bugs

Timo Sirainen reports multiple buffer overflows that may be triggered while parsing messages, as well as input validation errors that could result in disclosure of mailing list passwords. These bugs were resolved in the August 2003 snapshot of ecartis...

6.6AI score
Exploits0References1
FreeBSD
FreeBSD
added 2003/04/03 12:0 a.m.32 views

cscope -- symlink attack vulnerability

cscope is vulnerable to a symlink attack which could lead to an attacker overwriting arbitrary files with the permissions of the user running cscope...

2.1CVSS2.4AI score0.01145EPSS
Exploits2References3
FreeBSD
FreeBSD
added 2003/02/08 12:0 a.m.32 views

mailman XSS in user options page

From the 2.1.1 release notes: Closed a cross-site scripting vulnerability in the user options page...

4.3CVSS5.9AI score0.04721EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2003/01/01 12:0 a.m.32 views

multiple buffer overflows in xboing

Steve Kemp reports in a Debian bug submission: Due to improper bounds checking it is possible for a malicious user to gain a shell with membership group 'games'. The binary is installed setgid games. Environmental variables are used without being bounds-checked in any way, from the source code:...

4.6CVSS6.8AI score0.00508EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2000/02/19 12:0 a.m.32 views

xloadimage -- buffer overflow in FACES image handling

In 2001, zen-parse discovered a buffer overflow in xloadimage's FACES image loader. A maliciously crafted image could cause xloadimage to execute arbitrary code. A published exploit exists for this vulnerability. In 2005, Rob Holland discovered that the same vulnerability was present in xli...

7.5CVSS7.4AI score0.16344EPSS
Exploits1References3
FreeBSD
FreeBSD
added 2024/09/17 12:0 a.m.31 views

Gitlab -- vulnerabilities

Gitlab reports: SAML authentication bypass...

10CVSS7.6AI score0.10684EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2024/08/05 12:0 a.m.31 views

qt5-webengine -- Multiple vulnerabilities

Backports for 6 security bugs in Chromium: CVE-2024-5496: Use after free in Media Session CVE-2024-5846: Use after free in PDFium CVE-2024-6291: Use after free in Swiftshader CVE-2024-6989: Use after free in Loader CVE-2024-6996: Race in Frames CVE-2024-7536: Use after free in WebAudio...

8.8CVSS7.9AI score0.00819EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2024/05/31 12:0 a.m.31 views

qt6-webengine -- Multiple vulnerabilities

Qt qtwebengine-chromium repo reports: Backports for 7 security bugs in Chromium: CVE-2024-4948: Use after free in Dawn CVE-2024-5274: Type Confusion in V8 CVE-2024-5493: Heap buffer overflow in WebRTC CVE-2024-5494: Use after free in Dawn CVE-2024-5495: Use after free in Dawn CVE-2024-5496: Use...

9.6CVSS8.6AI score0.1002EPSS
Exploits9References1
FreeBSD
FreeBSD
added 2024/05/16 12:0 a.m.31 views

openvpn -- two security fixes

Gert Doering reports that OpenVPN 2.6.11 fixes two security bugs three on Windows: CVE-2024-5594: control channel: refuse control channel messages with nonprintable characters in them. Security scope: a malicious openvpn peer can send garbage to openvpn log, or cause high CPU load. Reynir Björnss...

9.1CVSS6.8AI score0.00819EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/05/14 12:0 a.m.31 views

Intel CPUs -- multiple vulnerabilities

Intel reports: Potential security vulnerabilities in some Intel Trust Domain Extensions TDX module software may allow escalation of privilege. Improper input validation in some Intel TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of...

8.2CVSS7.3AI score0.00379EPSS
Exploits0References1
Total number of security vulnerabilities5000