Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
•added 2019/11/25 12:0 a.m.•30 views

Django -- multiple vulnerabilities

Django release reports: CVE-2019-19118: Privilege escalation in the Django admin. Since Django 2.1, a Django model admin displaying a parent model with related model inlines, where the user has view-only permissions to a parent model but edit permissions to the inline model, would display a...

6.5CVSS1.1AI score0.01656EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/11/14 12:0 a.m.•30 views

libidn2 -- roundtrip check vulnerability

CVE list: GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except fo...

7.5CVSS2.6AI score0.0279EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/09/23 12:0 a.m.•31 views

e2fsprogs -- maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck

Ted Y. Ts'o reports: A maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck...

7.5CVSS2.4AI score0.01105EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/08/20 12:0 a.m.•30 views

FreeBSD -- kernel memory disclosure from /dev/midistat

Problem Description: The kernel driver for /dev/midistat implements a handler for read2. This handler is not thread-safe, and a multi-threaded program can exploit races in the handler to cause it to copy out kernel memory outside the boundaries of midistat's data buffer. Impact: The races allow a...

7.8CVSS1.5AI score0.00909EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/08/06 12:0 a.m.•30 views

mongodb -- Bump Windows package dependencies

Rich Mirch reports: An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server versions less than 4.0.11, 3.6.14, and 3.4.22 to run attacker defined code as the user running the utili...

8.2CVSS4.7AI score0.01011EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/06 12:0 a.m.•30 views

mongodb -- Our init scripts check /proc/[pid]/stat should validate that `(${procname})` is the process' command name.

Sicheng Liu of Beijing DBSEC Technology Co., Ltd reports: Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init...

5.3CVSS1.4AI score0.00305EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/07/24 12:0 a.m.•30 views

FreeBSD -- pts(4) write-after-free

Problem Description: The code which handles a close2 of a descriptor created by posixopenpt2 fails to undo the configuration which causes SIGIO to be raised. This bug can lead to a write-after-free of kernel memory. Impact: The bug permits malicious code to trigger a write-after-free, which may b...

7.8CVSS0.7AI score0.00591EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/07/14 12:0 a.m.•30 views

vlc -- multiple vulnerabilities

The VLC project reports: Security: Fix a buffer overflow in the MKV demuxer CVE-2019-14970 Fix a read buffer overflow in the avcodec decoder CVE-2019-13962 Fix a read buffer overflow in the FAAD decoder Fix a read buffer overflow in the OGG demuxer CVE-2019-14437, CVE-2019-14438 Fix a read buffer...

9.8CVSS3.2AI score0.036EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/05/09 12:0 a.m.•30 views

chromium -- use after free

Google Chrome Releases reports: 961413 High CVE-2019-5842: Use-after-free in Blink. Reported by BUGFENSE Anonymous Bug Bounties https://bugfense.io on 2019-05-09...

6.5CVSS7.6AI score0.00744EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/01/23 12:0 a.m.•30 views

vlc -- Buffer overflow vulnerability

zhangyang reports: The ReadFrame function in the avi.c file uses a variable iwidthbytes, which is obtained directly from the file. It is a signed integer. It does not do a strict check before the memory operationmemmove, memcpy, which may cause a buffer overflow...

6.5CVSS4.3AI score0.05295EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2018/08/06 12:0 a.m.•30 views

pango -- remote DoS vulnerability

libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted text with invalid Unicode sequences...

6.5CVSS6AI score0.11499EPSS
Exploits5References4
FreeBSD
FreeBSD
•added 2018/06/05 12:0 a.m.•30 views

couchdb -- administrator privilege escalation

Apache CouchDB PMC reports: Database Administrator could achieve privilege escalation to the account that CouchDB runs under, by abusing insufficient validation in the HTTP API, escaping security controls implemented in previous releases...

9CVSS1.9AI score0.08153EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/05/08 12:0 a.m.•30 views

Flash Player -- arbitrary code execution

Adobe reports: This update resolves a type confusion vulnerability that could lead to arbitrary code execution CVE-2018-4944...

10CVSS3.4AI score0.08991EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/03/19 12:0 a.m.•30 views

Sanitize -- XSS vulnerability

Sanitize release: Fixed an HTML injection vulnerability that could allow XSS. When Sanitize = 2.9.2, a specially crafted HTML fragment can cause libxml2 to generate improperly escaped output, allowing non-whitelisted attributes to be used on whitelisted elements. Sanitize now performs additional...

7.5CVSS7.2AI score0.0152EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2018/01/09 12:0 a.m.•30 views

dovecot -- abort of SASL authentication results in a memory leak

Pedro Sampaio reports: A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. A abort of SASL authentication results in a memory leak in Dovecot auth client used by login processes. The leak has impact in high performance configuration where same login processes are reused and can cause the...

7.5CVSS7.1AI score0.0312EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2018/01/03 12:0 a.m.•30 views

irssi -- multiple vulnerabilities

Irssi reports: When the channel topic is set without specifying a sender, Irssi may dereference NULL pointer. Found by Joseph Bisch. When using incomplete escape codes, Irssi may access data beyond the end of the string. Found by Joseph Bisch. A calculation error in the completion code could caus...

9.8CVSS9.1AI score0.02439EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/11/06 12:0 a.m.•30 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 2 security fixes in this release, including: 777728 Critical CVE-2017-15398: Stack buffer overflow in QUIC. Reported by Ned Williamson on 2017-10-24 776677 High CVE-2017-15399: Use after free in V8. Reported by Zhao Qixun of Qihoo 360 Vulcan Team on 2017-10-20...

9.8CVSS9.9AI score0.04889EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/10/10 12:0 a.m.•30 views

wireshark -- multiple security issues

wireshark developers reports: In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by adding decrements. In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp...

7.8CVSS7.6AI score0.02697EPSS
Exploits0References25
FreeBSD
FreeBSD
•added 2017/08/10 12:0 a.m.•30 views

GitLab -- two vulnerabilities

GitLab reports: Remote Command Execution in git client An external code review performed by Recurity-Labs identified a remote command execution vulnerability in git that could be exploited via the "Repo by URL" import option in GitLab. The command line git client was not properly escaping command...

8.8CVSS9.2AI score0.0354EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2017/05/17 12:0 a.m.•30 views

freetype2 -- buffer overflows

Werner Lemberg reports: CVE-2017-8105, CVE-2017-8287: Older FreeType versions have out-of-bounds writes caused by heap-based buffer overflows related to Type 1 fonts...

9.8CVSS4AI score0.04188EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/02/09 12:0 a.m.•30 views

diffoscope -- arbitrary file write

Ximin Luo reports: v67 introduced a security hole where diffoscope may write to arbitrary locations on disk depending on the contents of an untrusted archive...

10CVSS9.2AI score0.01893EPSS
Exploits4References1
FreeBSD
FreeBSD
•added 2017/01/10 12:0 a.m.•30 views

flash -- multiple vulnerabilities

Adobe reports: These updates resolve a security bypass vulnerability that could lead to information disclosure CVE-2017-2938. These updates resolve use-after-free vulnerabilities that could lead to code execution CVE-2017-2932, CVE-2017-2936, CVE-2017-2937. These updates resolve heap buffer...

9.3CVSS8.7AI score0.2991EPSS
Exploits22References1
FreeBSD
FreeBSD
•added 2016/11/22 12:0 a.m.•30 views

xen-tools -- qemu incautious about shared ring processing

The Xen Project reports: The compiler can emit optimizations in qemu which can lead to double fetch vulnerabilities. Specifically data on the rings shared between qemu and the hypervisor which the guest under control can obtain mappings of can be fetched twice during which time the guest can alte...

7.5CVSS4.2AI score0.00295EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/10/12 12:0 a.m.•30 views

guile2 -- multiple vulnerabilities

Ludovic Courtès reports: The REPL server is vulnerable to the HTTP inter-protocol attack The ‘mkdir’ procedure of GNU Guile, an implementation of the Scheme programming language, temporarily changed the process’ umask to zero. During that time window, in a multithreaded application, other threads...

0.1AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2016/10/04 12:0 a.m.•30 views

xen-kernel -- CR0.TS and CR0.EM not always honored for x86 HVM guests

The Xen Project reports: Instructions touching FPU, MMX, or XMM registers are required to raise a Device Not Available Exception NM when either CR0.EM or CR0.TS are set. Their AVX or AVX-512 extensions would consider only CR0.TS. While during normal operation this is ensured by the hardware, if a...

6.3CVSS0.9AI score0.00303EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/09/08 12:0 a.m.•30 views

xen-kernel -- x86: Mishandling of instruction pointer truncation during emulation

The Xen Project reports: When emulating HVM instructions, Xen uses a small i-cache for fetches from guest memory. The code that handles cache misses does not check if the address from which it fetched lies within the cache before blindly writing to it. As such it is possible for the guest to...

8.2CVSS0.8AI score0.00425EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/08/02 12:0 a.m.•30 views

Mozilla -- multiple vulnerabilities

Mozilla Foundation reports: Please reference CVE/URL list for details...

9.8CVSS7.9AI score0.13802EPSS
Exploits6References23
FreeBSD
FreeBSD
•added 2016/07/12 12:0 a.m.•30 views

flash -- multiple vulnerabilities

Adobe reports: These updates resolve a race condition vulnerability that could lead to information disclosure CVE-2016-4247. These updates resolve type confusion vulnerabilities that could lead to code execution CVE-2016-4223, CVE-2016-4224, CVE-2016-4225. These updates resolve use-after-free...

9.3CVSS1.7AI score0.36456EPSS
Exploits26References1
FreeBSD
FreeBSD
•added 2016/06/04 12:0 a.m.•30 views

FreeBSD -- Multiple ntp vulnerabilities

Problem Description: Multiple vulnerabilities have been discovered in the NTP suite: The fix for Sec 3007 in ntp-4.2.8p7 contained a bug that could cause ntpd to crash. CVE-2016-4957, Reported by Nicolas Edet of Cisco An attacker who knows the origin timestamp and can send a spoofed packet...

7.5CVSS0.7AI score0.44936EPSS
Exploits1
FreeBSD
FreeBSD
•added 2016/06/02 12:0 a.m.•30 views

xen-tools -- Unsanitised driver domain input in libxl device handling

The Xen Project reports: libxl's device-handling code freely uses and trusts information from the backend directories in xenstore. A malicious driver domain can deny service to management tools...

4.7CVSS1.8AI score0.00297EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/05/01 12:0 a.m.•30 views

mercurial -- arbitrary code execution vulnerability

Mercurial reports: CVE-2016-3105: Arbitrary code execution when converting Git repos...

8.8CVSS4.3AI score0.02655EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/02/29 12:0 a.m.•30 views

phpmyadmin -- multiple XSS and a man-in-the-middle vulnerability

The phpMyAdmin development team reports: XSS vulnerability in SQL parser. Using a crafted SQL query, it is possible to trigger an XSS attack through the SQL query page. We consider this vulnerability to be non-critical. Multiple XSS vulnerabilities. By sending a specially crafted URL as part of t...

6.8CVSS1.4AI score0.03109EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2016/02/02 12:0 a.m.•30 views

horde -- XSS vulnerabilities

The Horde Team reports: Fixed XSS vulnerabilities in menu bar and form renderer...

6.1CVSS6.2AI score0.02061EPSS
Exploits1References6
FreeBSD
FreeBSD
•added 2016/02/01 12:0 a.m.•30 views

Multiple vulnerabilities in Botan

The botan developers reports: Infinite loop in modular square root algorithm - The ressol function implements the Tonelli-Shanks algorithm for finding square roots could be sent into a nearly infinite loop due to a misplaced conditional check. This could occur if a composite modulus is provided, ...

7.5CVSS2.2AI score0.02558EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/01/28 12:0 a.m.•30 views

phpmyadmin -- Unsafe generation of XSRF/CSRF token

The phpMyAdmin development team reports: The XSRF/CSRF token is generated with a weak algorithm using functions that do not return cryptographically secure values. We consider this vulnerability to be non-critical...

5.3CVSS1.9AI score0.02477EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/01/27 12:0 a.m.•30 views

prosody -- user impersonation vulnerability

The Prosody team reports: Adopt key generation algorithm from XEP-0185, to prevent impersonation attacks CVE-2016-0756...

5.3CVSS5.9AI score0.02055EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/01/27 12:0 a.m.•30 views

FreeBSD -- Linux compatibility layer issetugid(2) system call

Problem Description: A programming error in the Linux compatibility layer could cause the issetugid2 system call to return incorrect information. Impact: If an application relies on output of the issetugid2 system call and that information is incorrect, this could lead to a privilege escalation...

7.8CVSS2.6AI score0.0038EPSS
Exploits0
FreeBSD
FreeBSD
•added 2016/01/26 12:0 a.m.•30 views

NSS -- multiple vulnerabilities

Mozilla Foundation reports: Security researcher Hanno Böck reported that calculations with mpdiv and mpexptmod in Network Security Services NSS can produce wrong results in some circumstances. These functions are used within NSS for a variety of cryptographic division functions, leading to...

0.5AI score
Exploits0References4
FreeBSD
FreeBSD
•added 2016/01/22 12:0 a.m.•30 views

privoxy -- multiple vulnerabilities

Privoxy Developers reports: Prevent invalid reads in case of corrupt chunk-encoded content. CVE-2016-1982. Bug discovered with afl-fuzz and AddressSanitizer. Remove empty Host headers in client requests. Previously they would result in invalid reads. CVE-2016-1983. Bug discovered with afl-fuzz an...

7.5CVSS1.8AI score0.02867EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2016/01/11 12:0 a.m.•30 views

p5-PathTools -- File::Spec::canonpath loses taint

Ricardo Signes reports: Beginning in PathTools 3.47 and/or perl 5.20.0, the File::Spec::canonpath routine returned untained strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach...

7.5CVSS7.2AI score0.03124EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/01/06 12:0 a.m.•30 views

wordpress -- XSS vulnerability

Aaron Jorbin reports: WordPress 4.4.1 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.4 and earlier are affected by a cross-site scripting vulnerability that could allow a site to be...

6.1CVSS3.1AI score0.02694EPSS
Exploits2References2
FreeBSD
FreeBSD
•added 2015/12/21 12:0 a.m.•30 views

giflib -- heap overflow

Hans Jerry Illikainen reports: A heap overflow may occur in the giffix utility included in giflib-5.1.1 when processing records of the type IMAGEDESCRECORDTYPE' due to the allocated size of LineBuffer' equaling the value of the logical screen width, GifFileIn-SWidth', while subsequently having...

5.5CVSS6.5AI score0.01481EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2015/12/08 12:0 a.m.•30 views

xen-tools -- libxl leak of pv kernel and initrd on error

The Xen Project reports: When constructing a guest which is configured to use a PV bootloader which runs as a userspace process in the toolstack domain e.g. pygrub libxl creates a mapping of the files to be used as kernel and initial ramdisk when building the guest domain. However if building the...

7.8CVSS8.3AI score0.02043EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/24 12:0 a.m.•30 views

bind -- multiple vulnerabilities

ISC reports: Named is potentially vulnerable to the OpenSSL vulnerability described in CVE-2015-3193. Incorrect reference counting could result in an INSIST failure if a socket error occurred while performing a lookup. This flaw is disclosed in CVE-2015-8461. RT40945 Insufficient testing when...

7.5CVSS7.1AI score0.5469EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2015/11/17 12:0 a.m.•30 views

piwik -- multiple vulnerabilities

Piwik changelog reports: This release is rated critical. We are grateful for Security researchers who disclosed security issues privately to the Piwik Security Response team: Elamaran Venkatraman, Egidio Romano and Dmitriy Shcherbatov. The following vulnerabilities were fixed: XSS, CSRF, possible...

7.5CVSS7.1AI score0.03931EPSS
Exploits6References1
FreeBSD
FreeBSD
•added 2015/10/29 12:0 a.m.•30 views

xen-tools -- populate-on-demand balloon size inaccuracy can crash guests

The Xen Project reports: Guests configured with PoD might be unstable, especially under load. In an affected guest, an unprivileged guest user might be able to cause a guest crash, perhaps simply by applying load so as to cause heavy memory pressure within the guest...

2.1CVSS7.4AI score0.00426EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/29 12:0 a.m.•30 views

xen-kernel -- leak of per-domain profiling-related vcpu pointer array

The Xen Project reports: A domain's xenoprofile state contains an array of per-vcpu information... This array is leaked on domain teardown. This memory leak could -- over time -- exhaust the host's memory. The following parties can mount a denial of service attack affecting the whole system: A...

4.9CVSS7.5AI score0.00436EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/28 12:0 a.m.•30 views

openafs -- information disclosure

The OpenAFS development team reports: When constructing an Rx acknowledgment ACK packet, Andrew-derived Rx implementations do not initialize three octets of data that are padding in the C language structure and were inadvertently included in the wire protocol CVE-2015-7762. Additionally, OpenAFS ...

5CVSS6.4AI score0.02133EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/09/24 12:0 a.m.•30 views

git -- potential code execution

Debian reports: "int" is the wrong data type for ... nlen assignment...

10CVSS3.6AI score0.17979EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2015/09/10 12:0 a.m.•30 views

Bugzilla security issues

Bugzilla Security Advisory Login names usually an email address longer than 127 characters are silently truncated in MySQL which could cause the domain name of the email address to be corrupted. An attacker could use this vulnerability to create an account with an email address different from the...

7.5CVSS5.2AI score0.03371EPSS
Exploits1References1
Total number of security vulnerabilities5000