Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
•added 2015/12/21 12:0 a.m.•31 views

giflib -- heap overflow

Hans Jerry Illikainen reports: A heap overflow may occur in the giffix utility included in giflib-5.1.1 when processing records of the type IMAGEDESCRECORDTYPE' due to the allocated size of LineBuffer' equaling the value of the logical screen width, GifFileIn-SWidth', while subsequently having...

5.5CVSS6.5AI score0.01481EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2015/10/29 12:0 a.m.•31 views

xen-kernel -- leak of main per-domain vcpu pointer array

The Xen Project reports: A domain's primary array of vcpu pointers can be allocated by a toolstack exactly once in the lifetime of a domain via the XENDOMCTLmaxvcpus hypercall. This array is leaked on domain teardown. This memory leak could -- over time -- exhaust the host's memory. A domain give...

4.9CVSS7.3AI score0.00436EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/09/18 12:0 a.m.•31 views

wolfssl -- DDoS amplification in DTLS

Sebastian Ramacher identified an error in wolfSSL's implementation of the server side of the DTLS handshake, which could be abused for DDoS amplification or a DoS on the DTLS server itself...

7.5CVSS7.4AI score0.0272EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2015/09/15 12:0 a.m.•31 views

ZendFramework1 -- SQL injection vulnerability

Zend Framework developers report: The PDO adapters of Zend Framework 1 do not filter null bytes values in SQL statements. A PDO adapter can treat null bytes in a query as a string terminator, allowing an attacker to add arbitrary SQL following a null byte, and thus create a SQL injection...

9.8CVSS9.4AI score0.02972EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/08/07 12:0 a.m.•31 views

screen -- stack overflow

Kuang-che Wu reports: screen will recursively call MScrollV to depth n/256. This is time consuming and will overflow stack if n is huge...

5CVSS6.7AI score0.04148EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2015/07/29 12:0 a.m.•31 views

go -- multiple vulnerabilities

Jason Buberel, Go Product Manager, reports: CVE-2015-5739 - "Content Length" treated as valid header CVE-2015-5740 - Double content-length headers does not return 400 error CVE-2015-5741 - Additional hardening, not sending Content-Length w/Transfer-Encoding, Closing connections...

9.8CVSS9.2AI score0.09625EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2015/06/26 12:0 a.m.•31 views

cups-filters -- buffer overflow in texttopdf size allocation

Stefan Cornelius from Red Hat reports: A heap-based buffer overflow was discovered in the way the texttopdf utility of cups-filters processed print jobs with a specially crafted line size. An attacker being able to submit print jobs could exploit this flaw to crash texttopdf or, possibly, execute...

7.5CVSS7.2AI score0.08295EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/06/11 12:0 a.m.•31 views

xen-kernel -- GNTTABOP_swap_grant_ref operation misbehavior

The Xen Project reports: With the introduction of version 2 grant table operations, a version check became necessary for most grant table related hypercalls. The GNTTABOPswapgrantref call was lacking such a check. As a result, the subsequent code behaved as if version 2 was in use, when a guest...

4.9CVSS9.1AI score0.00439EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/06/03 12:0 a.m.•31 views

tidy -- heap-buffer-overflow

Geoff McLane reports: tidy is affected by a write out of bounds when processing malformed html files. This issue could be abused on server side applications that use php-tidy extension with user input. The issue was confirmed, analyzed, and fixed by the tidy5 maintainer...

5.9AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2015/04/10 12:0 a.m.•31 views

PostgreSQL -- minor security problems.

PostgreSQL project reports: This update fixes three security vulnerabilities reported in PostgreSQL over the past few months. Nether of these issues is seen as particularly urgent. However, users should examine them in case their installations are vulnerable:. CVE-2015-3165 Double "free" after...

9.8CVSS9.4AI score0.08565EPSS
Exploits0
FreeBSD
FreeBSD
•added 2015/02/12 12:0 a.m.•31 views

xen-kernel -- arm: vgic-v2: GICD_SGIR is not properly emulated

The Xen Project reports: When decoding a guest write to a specific register in the virtual interrupt controller Xen would treat an invalid value as a critical error and crash the host. By writing an invalid value to the GICD.SGIR register a guest can crash the host, resulting in a Denial of Servi...

4.9CVSS8.5AI score0.00415EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/01/29 12:0 a.m.•31 views

xen-kernel -- arm: vgic: incorrect rate limiting of guest triggered logging

The Xen Project reports: On ARM systems the code which deals with virtualizing the GIC distributor would, under various circumstances, log messages on a guest accessible code path without appropriate rate limiting. A malicious guest could cause repeated logging to the hypervisor console, leading ...

2.1CVSS8.5AI score0.00411EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/01/27 12:0 a.m.•31 views

FreeBSD -- SCTP SCTP_SS_VALUE kernel memory corruption and disclosure

Problem Description: Due to insufficient validation of the SCTP stream ID, which serves as an array index, a local unprivileged attacker can read or write 16-bits of kernel memory. Impact: An unprivileged process can read or modify 16-bits of memory which belongs to the kernel. This may lead to...

4.6CVSS5.8AI score0.00896EPSS
Exploits5
FreeBSD
FreeBSD
•added 2015/01/21 12:0 a.m.•31 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 62 security fixes in this release, including: 430353 High CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning. 435880 High CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne. 434136 High CVE-2014-7925: Use-after-free in WebAudio. Credit ...

7.5CVSS8.5AI score0.04339EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/01/07 12:0 a.m.•31 views

WebKit-gtk -- Multiple vulnerabilities

Webkit release team reports: This release fixes the following security issues: CVE-2014-1344, CVE-2014-1384, CVE-2014-1385, CVE-2014-1386, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-1390...

6.8CVSS7.9AI score0.02762EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2014/12/07 12:0 a.m.•31 views

freetype -- Out of bounds stack-based read/write

Werner LEMBERG reports: The fix for CVE-2014-2240 was not 100% complete to fix the issue from the CVE completly...

7.5CVSS6.5AI score0.06275EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2014/11/25 12:0 a.m.•31 views

flac -- Multiple vulnerabilities

Erik de Castro Lopo reports: Google Security Team member, Michele Spagnuolo, recently found two potential problems in the FLAC code base. They are: CVE-2014-9028: Heap buffer write overflow. CVE-2014-8962: Heap buffer read overflow...

7.5CVSS6.7AI score0.0986EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2014/10/06 12:0 a.m.•31 views

Bugzilla multiple security issues

Bugzilla Security Advisory Unauthorized Account Creation An attacker creating a new Bugzilla account can override certain parameters when finalizing the account creation that can lead to the user being created with a different email address than originally requested. The overridden login name cou...

5.6AI score
Exploits0References4
FreeBSD
FreeBSD
•added 2014/09/09 12:0 a.m.•31 views

www/chromium -- multiple vulnerabilities

Google Chrome Releases reports: 4 security fixes in this release, including: 401362 High CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz. 411014 CVE-2014-3179: Various fixes from internal audits, fuzzing and other initiatives...

7.5CVSS1.7AI score0.01452EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2014/09/09 12:0 a.m.•31 views

security/ossec-hids-* -- root escalation via temp files

OSSEC reports: This correction will create the temp file for the hosts deny file in /var/ossec and will use mktemp where available to create NON-predictable temp file name. In cases where mktemp is not available we have written a BAD version of mktemp, but should be a little better then just...

7.2CVSS6.4AI score0.02497EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2014/08/26 12:0 a.m.•31 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 50 security fixes in this release, including: 386988 Critical CVE-2014-3176, CVE-2014-3177: A special reward to lokihardt@asrt for a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox. 369860 High...

10CVSS2.5AI score0.09758EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2014/08/09 12:0 a.m.•31 views

e2fsprogs -- buffer overflow if s_first_meta_bg too big

Theodore Ts'o reports: If sfirstmetabg is greater than the of number block group descriptor blocks, then reading or writing the block group descriptors will end up overruning the memory buffer allocated for the descriptors. The finding is credited to a vulnerability report from Jose Duart of Goog...

4.6CVSS7.4AI score0.00897EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2014/07/28 12:0 a.m.•31 views

librsync -- collision vulnerability

Michael Samuel reports: librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack...

5.8CVSS6.4AI score0.02939EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2014/05/13 12:0 a.m.•31 views

libXfont -- X Font Service Protocol and Font metadata file handling issues

Alan Coopersmith reports: Ilja van Sprundel, a security researcher with IOActive, has discovered several issues in the way the libXfont library handles the responses it receives from xfs servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues. Most of these...

7.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2014/03/13 12:0 a.m.•31 views

linux-flashplugin -- multiple vulnerabilities

Adobe reports: These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system...

10CVSS6.5AI score0.08486EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2014/01/15 12:0 a.m.•31 views

virtualbox-ose -- local vulnerability

Oracle reports: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.22, and 4.3.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core...

3.5CVSS6.2AI score0.00311EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/12/24 12:0 a.m.•31 views

libXfont -- Stack buffer overflow in parsing of BDF font files in libXfont

freedesktop.org reports: A BDF font file containing a longer than expected string can cause a buffer overflow on the stack. Testing in X servers built with Stack Protector restulted in an immediate crash when reading a user-proveded specially crafted font. As libXfont is used to read user-specifi...

9.3CVSS6.8AI score0.10254EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2013/11/24 12:0 a.m.•31 views

libyaml heap overflow resulting in possible code execution

libyaml was prone to a heap overflow that could result in arbitrary code execution. Pkg uses libyaml to parse the package manifests in some cases. Pkg also used libyaml to parse the remote repository until 1.2. RedHat Product Security Team reports on libyaml: A heap-based buffer overflow flaw was...

6.8CVSS7.5AI score0.09312EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2013/11/12 12:0 a.m.•31 views

linux-flashplugin -- multiple vulnerabilities

Adobe reports: These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system...

10CVSS6.5AI score0.1129EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2013/10/30 12:0 a.m.•31 views

varnish -- DoS vulnerability in Varnish HTTP cache

Varnish Cache Project reports: If Varnish receives a certain illegal request, and the subroutine 'vclerror' restarts the request, the varnishd worker process will crash with an assert. The varnishd management process will restart the worker process, but there will be a brief interruption of servi...

5CVSS6.3AI score0.0305EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2013/09/29 12:0 a.m.•31 views

mod_fcgid -- possible heap buffer overwrite

Apache Project reports: Fix possible heap buffer overwrite...

7.5CVSS6.7AI score0.13141EPSS
Exploits0
FreeBSD
FreeBSD
•added 2013/06/22 12:0 a.m.•31 views

cURL library -- heap corruption in curl_easy_unescape

cURL developers report: libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curleasyunescape decodes URL-encoded strings to raw binary data. URL-encoded octets are represented with %HH combinations where HH is a two-digit hexadecimal...

6.8CVSS6.4AI score0.11118EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2013/03/27 12:0 a.m.•31 views

asterisk -- multiple vulnerabilities

Asterisk project reports: Buffer Overflow Exploit Through SIP SDP Header Username disclosure in SIP channel driver Denial of Service in HTTP server...

7.5CVSS6.4AI score0.02621EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2013/03/04 12:0 a.m.•31 views

perl -- denial of service via algorithmic complexity attack on hashing routines

Perl developers report: In order to prevent an algorithmic complexity attack against its hashing mechanism, perl will sometimes recalculate keys and redistribute the contents of a hash. This mechanism has made perl robust against attacks that have been demonstrated against other systems. Research...

7.5CVSS6.4AI score0.03577EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2012/11/22 12:0 a.m.•31 views

FreeBSD -- Linux compatibility layer input validation error

Problem description: A programming error in the handling of some Linux system calls may result in memory locations being accessed without proper validation...

7.8CVSS7.5AI score0.00419EPSS
Exploits0
FreeBSD
FreeBSD
•added 2012/08/22 12:0 a.m.•31 views

otrs -- XSS vulnerability in Internet Explorer could lead to remote code execution

The OTRS Project reports: This advisory covers vulnerabilities discovered in the OTRS core system. Due to the XSS vulnerability in Internet Explorer an attacker could send a specially prepared HTML email to OTRS which would cause JavaScript code to be executed in your Internet Explorer while...

4.3CVSS6AI score0.04195EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2012/05/24 12:0 a.m.•31 views

pycrypto -- vulnerable ElGamal key generation

Dwayne C. Litzenberger of PyCrypto reports: In the ElGamal schemes for both encryption and signatures, g is supposed to be the generator of the entire Z^p group. However, in PyCrypto 2.5 and earlier, g is more simply the generator of a random sub-group of Z^p. The result is that the signature spa...

4.3CVSS9AI score0.02727EPSS
Exploits2References2
FreeBSD
FreeBSD
•added 2012/05/14 12:0 a.m.•31 views

socat -- Heap-based buffer overflow

The socat development team reports: This vulnerability can be exploited when socat is invoked with the READLINE address this is usually only used interactively without option "prompt" and without option "noprompt" and an attacker succeeds to provide malicious data to the other arbitrary address...

6.2CVSS6.9AI score0.00455EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2012/03/22 12:0 a.m.•31 views

Apache Traffic Server -- heap overflow vulnerability

CERT-FI reports: A heap overflow vulnerability has been found in the HTTP Hypertext Transfer Protocol protocol handling of Apache Traffic Server. The vulnerability allows an attacker to cause a denial of service or potentially to execute his own code by sending a specially modified HTTP message t...

5CVSS7AI score0.03473EPSS
Exploits1
FreeBSD
FreeBSD
•added 2012/02/01 12:0 a.m.•31 views

drupal -- multiple vulnerabilities

Drupal development team reports: Cross Site Request Forgery vulnerability in Aggregator module CVE: CVE-2012-0826 An XSRF vulnerability can force an aggregator feed to update. Since some services are rate-limited e.g. Twitter limits requests to 150 per hour this could lead to a denial of service...

6.8CVSS6.3AI score0.01979EPSS
Exploits0
FreeBSD
FreeBSD
•added 2011/10/17 12:0 a.m.•31 views

asterisk -- remote crash vulnerability in SIP channel driver

Asterisk project reports: A remote authenticated user can cause a crash with a malformed request due to an unitialized variable...

6.8CVSS6.2AI score0.0238EPSS
Exploits0
FreeBSD
FreeBSD
•added 2011/07/20 12:0 a.m.•31 views

glpi -- remote attack via crafted POST request

The GLPI project reports: The autocompletion functionality in GLPI before 0.80.2 does not blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST request...

5CVSS6.1AI score0.0285EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2011/05/19 12:0 a.m.•31 views

Apache APR -- DoS vulnerabilities

The Apache Portable Runtime Project reports: Reimplement aprfnmatch from scratch using a non-recursive algorithm; now has improved compliance with the fnmatch spec...

4.3CVSS2.7AI score0.30406EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2011/02/08 12:0 a.m.•31 views

krb5 -- MITKRB5-SA-2011-002, KDC vulnerable to hang when using LDAP back end

An advisory published by the MIT Kerberos team says: The MIT krb5 Key Distribution Center KDC daemon is vulnerable to denial of service attacks from unauthenticated remote attackers. CVE-2011-0281 and CVE-2011-0282 occur only in KDCs using LDAP back ends, but CVE-2011-0283 occurs in all krb5-1.9...

5CVSS2.3AI score0.04202EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2010/12/28 12:0 a.m.•31 views

webkit-gtk2 -- Multiple vulnerabilities

Gustavo Noronha Silva reports: The patches to fix the following CVEs are included with help from Huzaifa Sidhpurwala from the Red Hat security team...

9.8CVSS9.2AI score0.06513EPSS
Exploits8References1
FreeBSD
FreeBSD
•added 2010/12/13 12:0 a.m.•31 views

php-imap -- Denial of Service

The following DoS condition in IMAP extension was fixed in PHP 5.3.4 and PHP 5.2.15: A remote user can send specially crafted IMAP user name or password data to trigger a double free memory error in 'ext/imap/phpimap.c' and cause the target service to crash. It may be possible to execute arbitrar...

5CVSS6.9AI score0.06008EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2010/10/08 12:0 a.m.•31 views

openssl -- TLS extension parsing race condition

OpenSSL Team reports: Rob Hulswit has found a flaw in the OpenSSL TLS server extension code parsing which on affected servers can be exploited in a buffer overrun attack. Any OpenSSL based TLS server is vulnerable if it is multi-threaded and uses OpenSSL's internal caching mechanism. Servers that...

7.6CVSS7.9AI score0.22145EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2010/09/14 12:0 a.m.•31 views

Mailman -- cross-site scripting in web interface

Secunia reports: Two vulnerabilities have been reported in Mailman, which can be exploited by malicious users to conduct script insertion attacks. Certain input passed via the list descriptions is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary...

3.5CVSS6.1AI score0.01973EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2010/04/15 12:0 a.m.•31 views

e107 -- code execution and XSS vulnerabilities

Secunia Research reported two vulnerabilities in e107: The first problem affects installations that have the Content Manager plugin enabled. This plugin does not sanitize the "contentheading" parameter correctly and is therefore vulnerable to a cross site scripting attack. The second vulnerabilit...

6.4AI score
Exploits0References4
FreeBSD
FreeBSD
•added 2010/01/29 12:0 a.m.•31 views

ejabberd -- queue overload denial of service vulnerability

The Red Hat security response team reports: A remotely exploitable DoS from XMPP client to ejabberd server via too many "client2server" messages causing the message queue on the server to get overloaded, leading to server crash has been found...

5CVSS6.4AI score0.03105EPSS
Exploits0References4
Total number of security vulnerabilities5000