Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
added 2017/10/10 12:0 a.m.27 views

PostgreSQL vulnerabilities

The PostgreSQL project reports: CVE-2017-15098: Memory disclosure in JSON functions CVE-2017-15099: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT privileges...

8.1CVSS7.2AI score0.06324EPSS
Exploits0
FreeBSD
FreeBSD
added 2017/10/10 12:0 a.m.27 views

irssi -- multiple vulnerabilities

Irssi reports: When installing themes with unterminated colour formatting sequences, Irssi may access data beyond the end of the string. While waiting for the channel synchronisation, Irssi may incorrectly fail to remove destroyed channels from the query list, resulting in use after free conditio...

7.5CVSS6.9AI score0.02371EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/09/21 12:0 a.m.27 views

OpenVPN -- out-of-bounds write in legacy key-method 1

Steffan Karger reports: The bounds check in readkey was performed after using the value, instead of before. If 'key-method 1' is used, this allowed an attacker to send a malformed packet to trigger a stack buffer overflow. ... Note that 'key-method 1' has been replaced by 'key method 2' as the...

9.8CVSS8.8AI score0.03629EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2017/09/01 12:0 a.m.27 views

libzip -- denial of service

libzip developers report: The zipreadeocd64 function in zipopen.c in libzip before 1.3.0 mishandles EOCD records, which allows remote attackers to cause a denial of service memory allocation failure in zipcdirgrow in zipdirent.c via a crafted ZIP archive...

6.5CVSS6.5AI score0.032EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2017/08/16 12:0 a.m.27 views

salt -- Maliciously crafted minion IDs can cause unwanted directory traversals on the Salt-master

SaltStack reports: Correct a flaw in minion id validation which could allow certain minions to authenticate to a master despite not having the correct credentials. To exploit the vulnerability, an attacker must create a salt-minion with an ID containing characters that will cause a directory...

9.8CVSS8.9AI score0.04629EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2017/06/29 12:0 a.m.27 views

tor -- security regression

The Tor Project reports: Tor 0.3.0.9 fixes a path selection bug that would allow a client to use a guard that was in the same network family as a chosen exit relay. This is a security regression; all clients running earlier versions of 0.3.0.x or 0.3.1.x should upgrade to 0.3.0.9 or 0.3.1.4-alpha...

7.5CVSS7.4AI score0.02446EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2017/06/19 12:0 a.m.27 views

codeigniter -- input validation bypass

The CodeIgniter changelog reports: Form Validation Library rule validemail could be bypassed if idntoascii is available...

1.8AI score
Exploits0References1
FreeBSD
FreeBSD
added 2017/06/06 12:0 a.m.27 views

irssi -- remote DoS

Joseph Bisch reports: When receiving a DCC message without source nick/host, Irssi would attempt to dereference a NULL pointer. When receiving certain incorrectly quoted DCC files, Irssi would try to find the terminating quote one byte before the allocated memory...

2.3AI score
Exploits0References1
FreeBSD
FreeBSD
added 2017/05/23 12:0 a.m.27 views

libsndfile -- out-of-bounds read memory access

Laurent Delosieres, Secunia Research at Flexera Software reports: Secunia Research has discovered a vulnerability in libsndfile, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an error in the "aiffreadchanmap" function...

8.8CVSS8.2AI score0.02485EPSS
Exploits1References3
FreeBSD
FreeBSD
added 2017/05/21 12:0 a.m.27 views

SquirrelMail -- post-authentication access privileges

Florian Grunow reports: An attacker able to exploit this vulnerability can extract files of the server the application is running on. This may include configuration files, log files and additionally all files that are readable for all users on the system. This issue is post-authentication. That...

8.8CVSS8.4AI score0.04451EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2017/05/15 12:0 a.m.27 views

NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler

NVIDIA Unix security team reports: NVIDIA GPU Display Driver contains vulnerabilities in the kernel mode layer handler where not correctly validated user input, NULL pointer dereference, and incorrect access control may lead to denial of service or potential escalation of privileges...

7.8CVSS7.6AI score0.00381EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/03/14 12:0 a.m.27 views

xen-tools -- Cirrus VGA Heap overflow via display refresh

The Xen Project reports: A privileged user within the guest VM can cause a heap overflow in the device model process, potentially escalating their privileges to that of the device model process...

9.9CVSS3.9AI score0.04448EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/01/21 12:0 a.m.27 views

wavpack -- multiple invalid memory reads

David Bryant reports: global buffer overread in readcode / readwords.c heap out of bounds read in WriteCaffHeader / caff.c heap out of bounds read in unreorderchannels / wvunpack.c heap oob read in readnewconfiginfo / openutils.c...

5.5CVSS6.1AI score0.02123EPSS
Exploits4References2
FreeBSD
FreeBSD
added 2016/11/22 12:0 a.m.27 views

xen-kernel -- x86 task switch to VM86 mode mis-handled

The Xen Project reports: LDTR, just like TR, is purely a protected mode facility. Hence even when switching to a VM86 mode task, LDTR loading needs to follow protected mode semantics. This was violated by the code. On SVM AMD hardware: a malicious unprivileged guest process can escalate its...

7.8CVSS1.2AI score0.00452EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/10/20 12:0 a.m.27 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2016-5287: Crash in nsTArraybase::SwapArrayElements CVE-2016-5288: Web content can read cache entries...

9.8CVSS7.2AI score0.02425EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/09/08 12:0 a.m.27 views

file-roller -- path traversal vulnerability

reports: File Roller 3.5.4 through 3.20.2 was affected by a path traversal bug that could result in deleted files if a user were tricked into opening a malicious archive...

7.5CVSS3.3AI score0.03328EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2016/05/17 12:0 a.m.27 views

FreeBSD -- Buffer overflow in keyboard driver

Problem Description: Incorrect signedness comparison in the ioctl2 handler allows a malicious local user to overwrite a portion of the kernel memory. Impact: A local user may crash the kernel, read a portion of kernel memory and execute arbitrary code in kernel context. The result of executing an...

7.8CVSS2.6AI score0.01143EPSS
Exploits2
FreeBSD
FreeBSD
added 2016/03/16 12:0 a.m.27 views

openafs -- local DoS vulnerability

The OpenAFS development team reports: Avoid a potential denial of service issue, by fixing a bug in pioctl logic that allowed a local user to overrun a kernel buffer with a single NUL byte...

7.8CVSS7AI score0.00361EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/03/01 12:0 a.m.27 views

django -- multiple vulnerabilities

Tim Graham reports: Malicious redirect and possible XSS attack via user-supplied redirect URLs containing basic auth User enumeration through timing difference on password hasher work factor upgrade...

1.3AI score
Exploits0References1
FreeBSD
FreeBSD
added 2016/01/27 12:0 a.m.27 views

ffmpeg -- remote denial of service in JPEG2000 decoder

FFmpeg security reports: FFmpeg 2.8.6 fixes the following vulnerabilities: CVE-2016-2213...

6.5CVSS3.9AI score0.01871EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/01/19 12:0 a.m.27 views

bind -- denial of service vulnerability

ISC reports: Specific APL data could trigger an INSIST in apl42.c...

6.8CVSS7AI score0.20172EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/01/18 12:0 a.m.27 views

moodle -- multiple vulnerabilities

Marina Glancy reports: MSA-16-0001: Two enrolment-related web services don't check course visibility MSA-16-0002: XSS Vulnerability in course management search...

6.1CVSS5.4AI score0.0194EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/12/07 12:0 a.m.27 views

passenger -- client controlled header overwriting

Daniel Knoppel reports: It was discovered by the SUSE security team that it was possible, in some cases, for clients to overwrite headers set by the server, resulting in a medium level security issue. CVE-2015-7519 has been assigned to this issue. Affected use-cases: Header overwriting may occur ...

4.3CVSS5.1AI score0.02364EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/11/02 12:0 a.m.27 views

libsrtp -- DoS via crafted RTP header vulnerability

libsrtp reports: Prevent potential DoS attack due to lack of bounds checking on RTP header CSRC count and extension header length. Credit goes to Randell Jesup and the Firefox team for reporting this issue...

7.8CVSS7.5AI score0.08277EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2015/10/21 12:0 a.m.27 views

drupal -- open redirect vulnerability

Drupal development team reports: The Overlay module in Drupal core displays administrative pages as a layer over the current page using JavaScript, rather than replacing the page in the browser window. The Overlay module does not sufficiently validate URLs prior to displaying their contents,...

6.1CVSS6.2AI score0.01774EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/10/15 12:0 a.m.27 views

firefox -- Cross-origin restriction bypass using Fetch

Firefox Developers report: Security researcher Abdulrahman Alqabandi reported that the fetch API did not correctly implement the Cross-Origin Resource Sharing CORS specification, allowing a malicious page to access private data from other origins. Mozilla developer Ben Kelly independently reporte...

6.8CVSS9.1AI score0.01662EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/10/08 12:0 a.m.27 views

PostgreSQL -- minor security problems.

PostgreSQL project reports: Two security issues have been fixed in this release which affect users of specific PostgreSQL features. CVE-2015-5289 json or jsonb input values constructed from arbitrary user input can crash the PostgreSQL server and cause a denial of service. CVE-2015-5288: The cryp...

6.4CVSS8.3AI score0.05045EPSS
Exploits0
FreeBSD
FreeBSD
added 2015/10/02 12:0 a.m.27 views

librsvg2 -- denial of service vulnerability

Adam Maris, Red Hat Product Security, reports: CVE-2015-7558: Stack exhaustion due to cyclic dependency causing to crash an application was found in librsvg2 while parsing SVG file. It has been fixed in 2.40.12 by many commits that has rewritten the checks for cyclic references...

7.5CVSS7.4AI score0.02399EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/09/28 12:0 a.m.27 views

pygments -- shell injection vulnerability

NVD reports: The FontManager.getnixfontpath function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name...

9.3CVSS9AI score0.06664EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/09/09 12:0 a.m.27 views

qemu -- denial of service vulnerability in IDE disk/CD/DVD-ROM emulation

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the IDE disk and CD/DVD-ROM emulation support is vulnerable to a divide by zero issue. It could occur while executing an IDE command WINREADNATIVEMAX to determine the maximum size of a drive. A privileged user insid...

7.5CVSS7AI score0.03502EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2015/09/02 12:0 a.m.27 views

powerdns -- denial of service

PowerDNS reports: A bug was found in our DNS packet parsing/generation code, which, when exploited, can cause individual threads disabling service or whole processes allowing a supervisor to restart them to crash with just one or a few query packets...

7.5CVSS7.3AI score0.09021EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/07/29 12:0 a.m.27 views

froxlor -- database password information leak

[email protected] reports: An unauthenticated remote attacker is able to get the database password via webaccess due to wrong file permissions of the /logs/ folder in froxlor version 0.9.33.1 and earlier. The plain SQL password and username may be stored in the /logs/sql-error.log file...

9.8CVSS9.3AI score0.03144EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/07/28 12:0 a.m.27 views

FreeBSD -- shell injection vulnerability in patch(1)

Problem Description: Due to insufficient sanitization of the input patch stream, it is possible for a patch file to cause patch1 to run commands in addition to the desired SCCS or RCS commands. Impact: This issue could be exploited to execute arbitrary commands as the user invoking patch1 against...

9.3CVSS7.9AI score0.03535EPSS
Exploits0
FreeBSD
FreeBSD
added 2015/07/27 12:0 a.m.27 views

qemu, xen-tools -- QEMU heap overflow flaw with certain ATAPI commands

The Xen Project reports: A heap overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the...

7.2CVSS7.4AI score0.0063EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/07/07 12:0 a.m.27 views

xen-tools -- xl command line config handling stack overflow

The Xen Project reports: The xl command line utility mishandles long configuration values when passed as command line arguments, with a buffer overrun. A semi-trusted guest administrator or controller, who is intended to be able to partially control the configuration settings for a domain, can...

6.8CVSS7.9AI score0.00394EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/06/30 12:0 a.m.27 views

php -- use-after-free vulnerability

Symeon Paraschoudis reports: Use-after-free vulnerability in splrecursiveitmoveforwardex...

1.4AI score
Exploits0References1
FreeBSD
FreeBSD
added 2015/04/29 12:0 a.m.27 views

cURL -- sensitive HTTP server headers also sent to proxies

cURL reports: libcurl provides applications a way to set custom HTTP headers to be sent to the server by using CURLOPTHTTPHEADER. A similar option is available for the curl command-line tool with the '--header' option. When the connection passes through an HTTP proxy the same set of headers is se...

5CVSS8.7AI score0.07538EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/04/07 12:0 a.m.27 views

FreeBSD -- Denial of Service with IPv6 Router Advertisements

Problem Description: The Neighbor Discover Protocol allows a local router to advertise a suggested Current Hop Limit value of a link, which will replace Current Hop Limit on an interface connected to the link on the FreeBSD system. Impact: When the Current Hop Limit similar to IPv4's TTL is small...

6.5CVSS6.2AI score0.01378EPSS
Exploits0
FreeBSD
FreeBSD
added 2015/03/27 12:0 a.m.27 views

cpio -- multiple vulnerabilities

From the Debian Security Team: Heap-based buffer overflow in the processcopyin function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive. cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitra...

5CVSS8.2AI score0.07093EPSS
Exploits5References2
FreeBSD
FreeBSD
added 2015/02/18 12:0 a.m.27 views

cabextract -- directory traversal with UTF-8 symbols in filenames

Cabextract ChangeLog reports: It was possible for cabinet files to extract to absolute file locations, and it was possible on Cygwin to get around cabextract's absolute and relative path protections by using backslashes...

5.3CVSS5.7AI score0.02308EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2015/01/26 12:0 a.m.27 views

privoxy -- multiple vulnerabilities

Privoxy Developers reports: Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled the default they could previously cause Privoxy to abort. Reported by Matthew Daley. CVE-2015-1380. Fixed multiple segmentation faults and memory leaks...

5CVSS6.7AI score0.03397EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/01/25 12:0 a.m.27 views

libssh2 -- denial of service vulnerability

Mariusz Ziulek reports: A malicious attacker could man in the middle a real server and cause libssh2 using clients to crash denial of service or otherwise read and use completely unintended memory areas in this process...

6.8CVSS6.2AI score0.03501EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/01/09 12:0 a.m.27 views

kde-runtime -- incorrect CBC encryption handling

Valentin Rusu reports: Until KDE Applications 14.12.0, kwalletd incorrectly handled CBC encryption blocks when encrypting secrets in kwl files. The secrets were still encrypted, but the result binary data corresponded to an ECB encrypted block instead of CBC. The ECB encryption algorithm, even if...

5CVSS6.3AI score0.02147EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2014/12/11 12:0 a.m.27 views

libmspack -- frame_end overflow which could cause infinite loop

There is a denial of service vulnerability in libmspack. The libmspack code is built into cabextract, so it is also vulnerable. MITRE reports: Integer overflow in the qtmddecompress function in libmspack 0.4 allows remote attackers to cause a denial of service hang via a crafted CAB file, which...

5CVSS5.9AI score0.02817EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2014/11/04 12:0 a.m.27 views

Konversation -- out-of-bounds read on a heap-allocated array

Konversation developers report: Konversation's Blowfish ECB encryption support assumes incoming blocks to be the expected 12 bytes. The lack of a sanity-check for the actual size can cause a denial of service and an information leak to the local user...

5CVSS6.2AI score0.0355EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2014/10/21 12:0 a.m.27 views

phpMyAdmin -- XSS vulnerabilities in SQL debug output and server monitor page.

The phpMyAdmin development team reports: With a crafted database or table name it is possible to trigger an XSS in SQL debug output when enabled and in server monitor page when viewing and analysing executed queries. This vulnerability can be triggered only by someone who is logged in to...

3.5CVSS6.3AI score0.01519EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2014/09/28 12:0 a.m.27 views

Xymon -- buffer overrun

Debian reports: web/acknowledge.c uses a string twice in a format string, but only allocates memory for one copy...

9.8CVSS9.1AI score0.012EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2014/07/02 12:0 a.m.27 views

dbus -- multiple vulnerabilities

Simon McVittie reports: Alban Crequy at Collabora Ltd. discovered a bug in dbus-daemon's support for file descriptor passing. A malicious process could force system services or user applications to be disconnected from the D-Bus system bus by sending them a message containing a file descriptor,...

2.1CVSS5.8AI score0.00446EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2014/01/28 12:0 a.m.27 views

otrs -- multiple vulnerabilities

The OTRS Project reports: SQL injection issue An attacker that managed to take over the session of a logged in customer could create tickets and/or send follow-ups to existing tickets due to missing challenge token checks...

7.5CVSS6.6AI score0.01827EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2013/11/01 12:0 a.m.27 views

strongswan -- multiple DoS vulnerabilities

strongSwan Project reports: A DoS vulnerability triggered by crafted IKEv1 fragmentation payloads was discovered in strongSwan's IKE daemon charon. All versions since 5.0.2 are affected. A DoS vulnerability and potential authorization bypass triggered by a crafted IDDERASN1DN ID payload was...

5CVSS6.4AI score0.02985EPSS
Exploits1References3
Total number of security vulnerabilities5000