Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
added 2005/04/18 12:0 a.m.31 views

coppermine -- IP spoofing and XSS vulnerability

GHC team reports about coppermine The lack of sanitizing of user defined variables may result in undesirable consequences such as IP spoofing or XSS attack. Generally users of Coppermine Gallery can post comments. Remote address & x-forwarded-for variables are logged for admin's eyes...

4.3CVSS5.9AI score0.01177EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2005/02/17 12:0 a.m.31 views

gaim -- AIM/ICQ remote denial of service vulnerability

The GAIM team reports that GAIM is vulnerable to a denial-of-service vulnerability which can cause GAIM to freeze: Certain malformed SNAC packets sent by other AIM or ICQ users can trigger an infinite loop in Gaim when parsing the SNAC. The remote user would need a custom client, able to generate...

5CVSS6.3AI score0.05296EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/02/08 12:0 a.m.31 views

gnupg -- OpenPGP symmetric encryption vulnerability

Serge Mister and Robert Zuccherato reports that the OpenPGP protocol is vulnerable to a cryptographic attack when using symmetric encryption in an automated way. David Shaw reports about the impact: This attack, while very significant from a cryptographic point of view, is not generally effective...

5CVSS6.2AI score0.02946EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2005/01/31 12:0 a.m.31 views

squid -- correct handling of oversized HTTP reply headers

The squid patches page notes: This patch addresses a HTTP protocol mismatch related to oversized reply headers. In addition it enhances the cache.log reporting on reply header parsing failures to make it easier to track down which sites are malfunctioning. It is believed that this bug may lead to...

5CVSS6.4AI score0.69661EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2005/01/28 12:0 a.m.31 views

squid -- buffer overflow in WCCP recvfrom() call

According to the Squid Proxy Cache Security Update Advisory SQUID-2005:3, The WCCP recvfrom call accepts more data than will fit in the allocated buffer. An attacker may send a larger-than-normal WCCP message to Squid and overflow this buffer. Severity: The bug is important because it allows remo...

7.5CVSS6.5AI score0.22152EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2005/01/25 12:0 a.m.31 views

p5-DBI -- insecure temporary file creation vulnerability

Javier Fernández-Sanguino Peña reports: The DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing the parts of the library...

2.1CVSS6.4AI score0.00412EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/12/20 12:0 a.m.31 views

groff -- pic2graph and eqn2graph are vulnerable to symlink attack through temporary files

The eqn2graph and pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files...

2.1CVSS4.9AI score0.00349EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2004/12/15 12:0 a.m.31 views

pcal -- buffer overflow vulnerabilities

Danny Lungstrom has found two buffer overflow vulnerabilities in pcal which can lead to execution of arbitrary code by making a user run pcal on a specially crafted calendar file...

10CVSS4.6AI score0.14689EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2004/12/13 12:0 a.m.31 views

phpmyadmin -- file disclosure vulnerability

A phpMyAdmin security announcement reports: File disclosure: on systems where the UploadDir mecanism is active, readdump.php can be called with a crafted form; using the fact that the sqllocalfile variable is not sanitized can lead to a file disclosure. Enabling PHP safe mode on the server can be...

5CVSS1.7AI score0.01418EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2004/11/15 12:0 a.m.31 views

fcron -- multiple vulnerabilities

An iDEFENSE Security Advisory states: Multiple vulnerabilities have been found in Fcron. File contents disclosure Configuration Bypass Vulnerability File Removal and Empty File Creation Vulnerability Information Disclosure Vulnerability...

7.2CVSS6.8AI score0.00369EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/10/26 12:0 a.m.31 views

zgv -- exploitable heap overflows

infamous41md reports: zgv uses malloc frequently to allocate memory for storing image data. When calculating how much to allocate, user supplied data from image headers is multiplied and/or added without any checks for arithmetic overflows. We can overflow numerous calculations, and cause small...

10CVSS6.9AI score0.05149EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2004/10/22 12:0 a.m.31 views

apache mod_include buffer overflow vulnerability

There is a buffer overflow in a function used by modinclude that may enable a local user to gain privileges of a httpd child. Only users that are able to create SSI documents can take advantage of that vulnerability...

7.8CVSS6.9AI score0.0483EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2004/10/10 12:0 a.m.31 views

unarj -- directory traversal vulnerability

unarj has insufficient checks for filenames that contain ... This can allow an attacker to overwrite arbitrary files with the permissions of the user running unarj...

5CVSS6.5AI score0.02737EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/08/22 12:0 a.m.31 views

gaim -- malicious smiley themes

The Gaim Security Issues page documents a problem with installing smiley themes from an untrusted source: To install a new smiley theme, a user can drag a tarball from a graphical file manager, or a hypertext link to one from a web browser. When a tarball is dragged, Gaim executes a shell command...

7.5CVSS7.2AI score0.02336EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/07/11 12:0 a.m.31 views

mozilla -- NULL bytes in FTP URLs

When handling FTP URLs containing NULL bytes, Mozilla will interpret the file content as HTML. This may allow unexpected execution of Javascript when viewing plain text or other file types via FTP...

6.4CVSS6.7AI score0.08827EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/06/30 12:0 a.m.31 views

Pavuk HTTP Location header overflow

When pavuk sends a request to a web server and the server sends back the HTTP status code 305 Use Proxy, pavuk copies data from the HTTP Location header in an unsafe manner. This leads to a stack-based buffer overflow with control over EIP...

7.6CVSS7AI score0.0292EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2004/06/21 12:0 a.m.31 views

gnats -- format string vulnerability

Gnats suffers from a format string bug, which may enable an attacker to execute arbitary code...

10CVSS6.7AI score0.04487EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/06/01 12:0 a.m.31 views

Gallery 1.4.3 and ealier user authentication bypass

A flaw exists in Gallery versions previous to 1.4.3-pl1 and post 1.2 which may give an attacker the potential to log in under the "admin" account. Data outside of the gallery is unaffected and the attacker cannot modify any data other than the photos or photo albums...

10CVSS6.3AI score0.02831EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2004/05/29 12:0 a.m.31 views

"Content-Type" XSS vulnerability affecting other webmail systems

Roman Medina-Heigl Hernandez did a survey which other webmail systems where vulnerable to a bug he discovered in SquirrelMail. This advisory summarizes the results...

6.8CVSS6.4AI score0.22528EPSS
Exploits1References4
FreeBSD
FreeBSD
added 2004/05/06 12:0 a.m.31 views

exim buffer overflow when verify = header_syntax is used

A remote exploitable buffer overflow has been discovered in exim when verify = headersyntax is used in the configuration file. This does not affect the default configuration...

7.5CVSS6.9AI score0.06974EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2004/01/13 12:0 a.m.31 views

racoon security association deletion vulnerability

A remote attacker may use specially crafted IKE/ISAKMP messages to cause racoon to delete security associations. This could result in denial-of-service or possibly cause sensitive traffic to be transmitted in plaintext, depending upon configuration...

5CVSS6.6AI score0.06664EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2003/10/25 12:0 a.m.31 views

Buffer overflow in pam_smb password handling

Applications utilizing pamsmb can be compromised by any user who can enter a password. In many cases, this is a remote root compromise...

7.5CVSS6.5AI score0.25427EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2003/09/23 12:0 a.m.31 views

ProFTPD ASCII translation bug resulting in remote root compromise

A buffer overflow exists in the ProFTPD code that handles translation of newline characters during ASCII-mode file uploads. An attacker may exploit this buffer overflow by uploading a specially crafted file, resulting in code execution and ultimately a remote root compromise...

9CVSS7AI score0.55119EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2003/08/14 12:0 a.m.31 views

ecartis buffer overflows and input validation bugs

Timo Sirainen reports multiple buffer overflows that may be triggered while parsing messages, as well as input validation errors that could result in disclosure of mailing list passwords. These bugs were resolved in the August 2003 snapshot of ecartis...

6.6AI score
Exploits0References1
FreeBSD
FreeBSD
added 2003/04/03 12:0 a.m.31 views

cscope -- symlink attack vulnerability

cscope is vulnerable to a symlink attack which could lead to an attacker overwriting arbitrary files with the permissions of the user running cscope...

2.1CVSS2.4AI score0.01145EPSS
Exploits2References3
FreeBSD
FreeBSD
added 2003/02/08 12:0 a.m.31 views

mailman XSS in user options page

From the 2.1.1 release notes: Closed a cross-site scripting vulnerability in the user options page...

4.3CVSS5.9AI score0.04721EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2002/04/28 12:0 a.m.31 views

icecast 1.x multiple vulnerabilities

icecast 1.3.11 and earlier contained numerous security vulnerabilities, the most severe allowing a remote attacker to execute arbitrary code as root...

7.5CVSS7.4AI score0.09628EPSS
Exploits3
FreeBSD
FreeBSD
added 2024/11/27 12:0 a.m.30 views

jenkins -- Denial of service vulnerability in bundled json-lib

Jenkins Security Advisory: Description High SECURITY-3463 / CVE-2024-47855 Denial of service vulnerability in bundled json-lib...

5.3CVSS6.9AI score0.15413EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/08/05 12:0 a.m.30 views

qt5-webengine -- Multiple vulnerabilities

Backports for 6 security bugs in Chromium: CVE-2024-5496: Use after free in Media Session CVE-2024-5846: Use after free in PDFium CVE-2024-6291: Use after free in Swiftshader CVE-2024-6989: Use after free in Loader CVE-2024-6996: Race in Frames CVE-2024-7536: Use after free in WebAudio...

8.8CVSS7.9AI score0.00819EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2024/06/03 12:0 a.m.30 views

GLPI -- multiple vulnerabilities

GLPI team reports: GLPI 10.0.16 Changelog SECURITY - high Account takeover via SQL Injection in AJAX scripts CVE-2024-37148 SECURITY - high Remote code execution through the plugin loader CVE-2024-37149 SECURITY - moderate Authenticated file upload to restricted tickets CVE-2024-37147...

8.8CVSS9AI score0.21078EPSS
Exploits1References4
FreeBSD
FreeBSD
added 2024/05/31 12:0 a.m.30 views

qt5-webengine -- Multiple vulnerabilities

Backports for 5 security bugs in Chromium: CVE-2024-3837: Use after free in QUIC CVE-2024-3839: Out of bounds read in Fonts CVE-2024-3914: Use after free in V8 CVE-2024-4058: Type confusion in ANGLE CVE-2024-4558: Use after free in ANGLE...

9.6CVSS7.9AI score0.08875EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2024/04/29 12:0 a.m.30 views

R -- arbitrary code execution vulnerability

HiddenLayer Research reports: Deserialization of untrusted data can occur in the R statistical programming language, enabling a maliciously crafted RDS R Data Serialization formatted file or R package to run arbitrary code on an end user's system...

8.8CVSS7.7AI score0.23618EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/04/10 12:0 a.m.30 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 3 security fixes: 331237485 High CVE-2024-3157: Out of bounds write in Compositing. Reported by DarkNavy on 2024-03-26 328859176 High CVE-2024-3516: Heap buffer overflow in ANGLE. Reported by Bao zx Pham and Toan suto Pham of Qrious Secure on 2024-03-...

9.6CVSS8.2AI score0.01EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2024/04/08 12:0 a.m.30 views

OpenSSL -- Unbounded memory growth with session handling in TLSv1.3

The OpenSSL project reports: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions...

5.9CVSS6.9AI score0.54026EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/03/06 12:0 a.m.30 views

Gitlab -- Vulnerabilities

Gitlab reports: Bypassing CODEOWNERS approval allowing to steal protected variables Guest with manage group access tokens can rotate and see group access token with owner permissions...

8CVSS7.3AI score0.00706EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2024/02/21 12:0 a.m.30 views

electron27 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerability: Security: backported fix for CVE-2024-1283. Security: backported fix for CVE-2024-1284...

9.8CVSS7.4AI score0.0152EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2024/02/20 12:0 a.m.30 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 12 security fixes: 41495060 High CVE-2024-1669: Out of bounds memory access in Blink. Reported by Anonymous on 2024-01-26 41481374 High CVE-2024-1670: Use after free in Mojo. Reported by Cassidy Kim@cassidy6564 on 2023-12-06 41487933 Medium...

9.8CVSS7AI score0.18552EPSS
Exploits6References1
FreeBSD
FreeBSD
added 2023/11/15 12:0 a.m.30 views

electron{25,26} -- use after free in WebAudio

Electron developers report: This update fixes the following vulnerability: Security: backported fix for CVE-2023-5996...

8.8CVSS7.1AI score0.01976EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/11/09 12:0 a.m.30 views

postgresql-server -- Role pg_cancel_backend can signal certain superuser processes

PostgreSQL Project reports: Documentation says the pgcancelbackend role cannot signal "a backend owned by a superuser". On the contrary, it can signal background workers, including the logical replication launcher. It can signal autovacuum workers and the autovacuum launcher. Signaling autovacuum...

4.4CVSS7.3AI score0.02555EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/10/10 12:0 a.m.30 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 20 security fixes: 1487110 Critical CVE-2023-5218: Use after free in Site Isolation. Reported by @18楼梦想改造家 on 2023-09-27 1062251 Medium CVE-2023-5487: Inappropriate implementation in Fullscreen. Reported by Anonymous on 2020-03-17 1414936 Medium...

8.8CVSS7.9AI score0.0126EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/10/03 12:0 a.m.30 views

FreeBSD -- arm64 boot CPUs may lack speculative execution protections

Problem Description: On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized. Impact: No speculative execution workarounds are installed on CPU 0...

5.5CVSS7.1AI score0.00191EPSS
Exploits0
FreeBSD
FreeBSD
added 2023/09/01 12:0 a.m.30 views

mediawiki -- multiple vulnerabilities

Mediawikwi reports: T264765, CVE-2023-PENDING SECURITY: Users without correct permission are incorrectly shown MediaWiki:Missing-revision-permission. T333050, CVE-2023-PENDING SECURITY: Fix infinite loop for self-redirects with variants conversion. T340217, CVE-2023-PENDING SECURITY: Vector 2022:...

9CVSS6.2AI score0.01151EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2023/09/01 12:0 a.m.30 views

Django -- multiple vulnerabilities

Django reports: CVE-2023-41164: Potential denial of service vulnerability in django.utils.encoding.uritoiri...

7.5CVSS6.6AI score0.01284EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/08/15 12:0 a.m.30 views

clamav -- Possible denial of service vulnerability in the AutoIt file parser

The ClamAV project reports: There is a possible denial of service vulnerability in the AutoIt file parser...

7.5CVSS6.8AI score0.02599EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/06/06 12:0 a.m.30 views

Grafana -- Grafana DS proxy race condition

Grafana Labs reports: We have discovered a vulnerability with Grafana’s data source query endpoints that could end up crashing a Grafana instance. If you have public dashboards PD enabled, we are scoring this as a CVSS 7.5 High. If you have disabled PD, this vulnerability is still a risk, but...

7.5CVSS6.8AI score0.00745EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/02/07 12:0 a.m.30 views

xorg-server -- Security issue in the X server

The X.org project reports: CVE-2023-0494/ZDI-CAN-19596: X.Org Server DeepCopyPointerClasses use-after-free A dangling pointer in DeepCopyPointerClasses can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read/write into freed memory...

7.8CVSS7.8AI score0.00899EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/01/27 12:0 a.m.30 views

libde256 -- multiple vulnerabilities

Libde265 developer reports: This release fixes the known CVEs below. Many of them are actually caused by the same underlying issues that manifest in different ways...

9.8CVSS2.6AI score0.0202EPSS
Exploits30References1
FreeBSD
FreeBSD
added 2023/01/17 12:0 a.m.30 views

git -- gitattributes parsing integer overflow

git team reports: gitattributes are used to define unique attributes corresponding to paths in your repository. These attributes are defined by .gitattributes files within your repository. The parser used to read these files has multiple integer overflows, which can occur when parsing either a...

9.8CVSS3AI score0.56334EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/12/24 12:0 a.m.30 views

freerdp -- multiple vulnerabilities

FreeRDP reports: GHSA-5w4j-mrrh-jjrm: Out of bound read in zgfx decoder. GHSA-99cm-4gw7-c8jh: Undefined behaviour in zgfx decoder. GHSA-387j-8j96-7q35: Division by zero in urbdrc channel. GHSA-mvxm-wfj2-5fvh: Missing length validation in urbdrc channel. GHSA-qfq2-82qr-7f4j: Heap buffer overflow i...

5.7CVSS6.2AI score0.00967EPSS
Exploits0References7
FreeBSD
FreeBSD
added 2022/12/08 12:0 a.m.31 views

routinator -- multiple vulnerabilities

NLnet Labs report: This release fixes two issues in Routinator that can be exploited remotely by rogue RPKI CAs and repositories. We therefore advise all users of Routinator to upgrade to this release at their earliest convenience. The first issue, CVE-2022-39915, can lead to Routinator crashing...

9.3CVSS6.9AI score0.00549EPSS
Exploits0References2
Total number of security vulnerabilities5000