Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
•added 2023/05/10 12:0 a.m.•26 views

MariaDB -- Nullpointer dereference

The MariaDB project reports: MariaDB Server is vulnerable to Denial of Service. It is possible for function spiderdbmbase::printwarnings to dereference a null pointer...

6.5CVSS7AI score0.01486EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/03/23 12:0 a.m.•26 views

dino -- Insufficient message sender validation in Dino

Dino team reports: Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing...

7.1CVSS6.7AI score0.00699EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/03/07 12:0 a.m.•26 views

py39-OWSLib -- arbitrary file read vulnerability

Jorge Rosillo reports: OWSLib's XML parser which supports both lxml and xml.etree does not disable entity resolution for lxml, and could lead to arbitrary file reads from an attacker-controlled XML payload. This affects all XML parsing in the codebase...

8.2CVSS7.5AI score0.00985EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/12/14 12:0 a.m.•26 views

xorg-server -- Multiple security issues in X server extensions

The X.org project reports: CVE-2022-46340/ZDI-CAN-19265: X.Org Server XTestSwapFakeInput stack overflow The swap handler for the XTestFakeInput request of the XTest extension may corrupt the stack if GenericEvents with lengths larger than 32 bytes are sent through a the XTestFakeInput request. Th...

8.8CVSS8.3AI score0.02685EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/11/08 12:0 a.m.•26 views

varnish -- Request Smuggling Vulnerability

Varnish Cache Project reports: A request smuggling attack can be performed on Varnish Cache servers by requesting that certain headers are made hop-by-hop, preventing the Varnish Cache servers from forwarding critical headers to the backend. Among the headers that can be filtered this way are bot...

2.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2022/10/06 12:0 a.m.•26 views

routinator -- potential DOS attack

Due to a mistake in error handling, data in RRDP snapshot and delta files that isn’t correctly base 64 encoded is treated as a fatal error and causes Routinator to exit. Worst case impact of this vulnerability is denial of service for the RPKI data that Routinator provides to routers. This may st...

7.5CVSS2.8AI score0.00721EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/09/21 12:0 a.m.•26 views

jenkins -- XSS vulnerability

Jenkins Security Advisory: Description High SECURITY-2886 / CVE-2022-41224 Jenkins 2.367 through 2.369 both inclusive does not escape tooltips of the l:helpIcon UI component used for some help icons on the Jenkins web UI. This results in a stored cross-site scripting XSS vulnerability exploitable...

5.4CVSS0.4AI score0.0089EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/08/31 12:0 a.m.•26 views

Matrix clients -- several vulnerabilities

Matrix developers report: The vulnerabilities give an adversary who you share a room with the ability to carry out a denial-of-service attack against the affected clients, making it not show all of a user's rooms or spaces and/or causing minor temporary corruption...

8.2CVSS4.1AI score0.0094EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/08/02 12:0 a.m.•26 views

py-flask-security -- user redirect to arbitrary URL vulnerability

Snyk reports: This affects all versions of package Flask-Security. When using the getpostlogoutredirect and getpostloginredirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\evil.com/path. This vulnerabilit...

6.1CVSS7.2AI score0.00913EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2022/07/07 12:0 a.m.•26 views

gnutls -- double free vulnerability

The GnuTLS project reports: When gnutlspkcs7verify cannot verify signature against given trust list, it starts creating a chain of certificates starting from identified signer up to known root. During the creation of this chain the signer certificate gets freed which results in double free when t...

7.5CVSS1.6AI score0.01492EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/05/10 12:0 a.m.•26 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 13 security fixes, including: 1316990 High CVE-2022-1633: Use after free in Sharesheet. Reported by Khalil Zhani on 2022-04-18 1314908 High CVE-2022-1634: Use after free in Browser UI. Reported by Khalil Zhani on 2022-04-09 1319797 High CVE-2022-1635...

8.8CVSS0.2AI score0.00776EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2022/01/25 12:0 a.m.•26 views

Security Vulnerability found in ExifTool leading to RCE

Debian Security tracker reports: ExifTool.pm in ExifTool before 12.38 mishandles a file special characters check, leading to command injection...

7.8CVSS3.7AI score0.07575EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2022/01/11 12:0 a.m.•26 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Arbitrary file read via group import feature Stored XSS in notes Lack of state parameter on GitHub import project OAuth Vulnerability related fields are available to unauthorized users on GraphQL API Deleting packages may cause table locks IP restriction bypass via GraphQL...

8.7CVSS2.6AI score0.01449EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2022/01/11 12:0 a.m.•26 views

FreeBSD -- vt console buffer overflow

Problem Description: Under certain conditions involving use of the highlight buffer while text is scrolling on the console, console data may overwrite data structures associated with the system console or other kernel memory. Impact: Users with access to the system console may be able to cause...

7.5CVSS2.9AI score0.00855EPSS
Exploits0
FreeBSD
FreeBSD
•added 2021/12/09 12:0 a.m.•26 views

Privoxy -- Multiple vulnerabilities (memory leak, XSS)

Privoxy reports: cgierrornotemplate: Encode the template name to prevent XSS cross-site scripting when Privoxy is configured to servce the user-manual itself. Commit 0e668e9409c. OVE-20211102-0001. CVE-2021-44543. Reported by: Artem Ivanov geturlspecparam: Free memory of compiled pattern spec...

7.5CVSS1.1AI score0.01393EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/09/27 12:0 a.m.•26 views

libmysoft -- Heap-based buffer overflow vulnerability

Zhengjie Du reports: There are some heap-buffer-overflows in mysofa2json of libmysofa. They are in function loudness, mysofacheck and readOHDRHeaderMessageDataLayout...

9.8CVSS3.1AI score0.01035EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2021/04/06 12:0 a.m.•26 views

FreeBSD -- double free in accept_filter(9) socket configuration interface

Problem Description: An unprivileged process can configure an accept filter on a listening socket. This is done using the setsockopt2 system call. The process supplies the name of the accept filter which is to be attached to the socket, as well as a string containing filter-specific information. ...

7.8CVSS0.7AI score0.00749EPSS
Exploits0
FreeBSD
FreeBSD
•added 2021/03/02 12:0 a.m.•26 views

ircII -- denial of service

Michael Ortmann reports: ircii has a bug in parsing CTCP UTC messages. Its unknown if this could also be used for arbitrary code execution...

7.5CVSS5.4AI score0.02325EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/11/25 12:0 a.m.•26 views

binutils -- excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section()

Hao Wang reports: There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption...

3.2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2020/11/10 12:0 a.m.•26 views

mantis -- multiple vulnerabilities

Mantis 2.24.4 release reports: Security and maintenance release, addressing 6 CVEs: 0027726: CVE-2020-29603: disclosure of private project name 0027727: CVE-2020-29605: disclosure of private issue summary 0027728: CVE-2020-29604: full disclosure of private issue contents, including bugnotes and...

7.5CVSS2.1AI score0.04725EPSS
Exploits7References2
FreeBSD
FreeBSD
•added 2020/10/05 12:0 a.m.•26 views

py-ansible -- multiple vulnerabilities

abeluck reports: A flaw was found in Ansible Base when using the awsssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality. A flaw was found in Ansible Base...

5.5CVSS6.1AI score0.00319EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2020/09/15 12:0 a.m.•26 views

tt-rss -- multiple vulnerabilities

tt-rss project reports: The cachedurl feature mishandles JavaScript inside an SVG document. imgproxy in plugins/afproxyhttp/init.php mishandles $REQUEST"url" in an error message. It does not validate all URLs before requesting them. Allows remote attackers to execute arbitrary PHP code via a...

10CVSS5.9AI score0.18417EPSS
Exploits4References2
FreeBSD
FreeBSD
•added 2020/09/02 12:0 a.m.•26 views

FreeBSD -- IPv6 Hop-by-Hop options use-after-free bug

Problem Description: Due to improper mbuf handling in the kernel, a use-after-free bug might be triggered by sending IPv6 Hop-by-Hop options over the loopback interface. Impact: Triggering the use-after-free situation may result in unintended kernel behaviour including a kernel panic...

5.5CVSS0.7AI score0.00221EPSS
Exploits0
FreeBSD
FreeBSD
•added 2020/06/25 12:0 a.m.•26 views

glpi -- leakage issue with knowledge base

MITRE Corporation reports: In GLPI before version 9.5.2, there is a leakage of user information through the public FAQ. The issue was introduced in version 9.5.0 and patched in 9.5.2. As a workaround, disable public access to the FAQ...

5.3CVSS2.7AI score0.01013EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2020/06/25 12:0 a.m.•26 views

FreeRDP -- Integer overflow in RDPEGFX channel

Bernhard Miklautz reports: Integer overflow due to missing input sanitation in rdpegfx channel All FreeRDP clients are affected The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data that will crash the client...

3.5CVSS2.9AI score0.01466EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2020/06/02 12:0 a.m.•26 views

xrdp -- Local users can perform a buffer overflow attack against the xrdp-sesman service and then inpersonate it

Ashley Newson reports: The xrdp-sesman service can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter sesman service listening on port 3350...

7.8CVSS4.5AI score0.02404EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2020/05/12 12:0 a.m.•26 views

FreeBSD -- Insufficient packet length validation in libalias

Problem Description: libalias3 packet handlers do not properly validate the packet length before accessing the protocol headers. As a result, if a libalias3 module does not properly validate the packet length before accessing the protocol header, it is possible for an out of bound read or write...

9.8CVSS3.6AI score0.02706EPSS
Exploits0
FreeBSD
FreeBSD
•added 2020/04/01 12:0 a.m.•26 views

vlc -- Multiple vulnerabilities fixed in VLC media player

VideoLAN reports: Details A remote user could: Create a specifically crafted image file that could trigger an out of bounds read Send a specifically crafter request to the microdns service discovery, potentially triggering various memory management issues Impact If successful, a malicious third...

7.8CVSS1.5AI score0.01925EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2020/03/30 12:0 a.m.•26 views

glpi -- Improve encryption algorithm

MITRE Corporation reports: In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the data encrypted relies on the password used, if a user sets a weak/predictable password, an attacker could decrypt data. This is fixed in version 9.5.0 by using a more secure...

7.8CVSS4.2AI score0.00327EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2020/03/19 12:0 a.m.•26 views

FreeBSD -- Insufficient ixl(4) ioctl(2) privilege checking

Problem Description: The driver-specific ioctl2 command handlers in ixl4 failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact: The ixl4 handler permits unprivileged users to trigger updates to the device's non-volatile memory NVM...

5.5CVSS3.2AI score0.00246EPSS
Exploits0
FreeBSD
FreeBSD
•added 2020/03/04 12:0 a.m.•26 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Directory Traversal to Arbitrary File Read Account Takeover Through Expired Link Server Side Request Forgery Through Deprecated Service Group Two-Factor Authentication Requirement Bypass Stored XSS in Merge Request Pages Stored XSS in Merge Request Submission Form Stored XSS in Fi...

9.8CVSS1.5AI score0.01383EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/28 12:0 a.m.•26 views

ISC KEA -- Multiple vulnerabilities

Internet Systems Consortium, Inc. reports: A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate CVE-2019-6472 Medium An invalid hostname option can cause the kea-dhcp4 server to terminate CVE-2019-6473 Medium An oversight when validating incoming client requests can le...

6.5CVSS1.6AI score0.00797EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/06 12:0 a.m.•26 views

mongodb -- Attach IDs to users

Mitch Wasson of Cisco's Advanced Malware Protection Group reports: After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones...

7.1CVSS4.1AI score0.01225EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/07/24 12:0 a.m.•26 views

FreeBSD -- File description reference count leak

Problem Description: If a process attempts to transmit rights over a UNIX-domain socket and an error causes the attempt to fail, references acquired on the rights are not released and are leaked. This bug can be used to cause the reference counter to wrap around and free the corresponding file...

7.8CVSS0.8AI score0.00536EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/06/23 12:0 a.m.•26 views

bzip2 -- multiple issues

bzip2 developers reports: CVE-2016-3189 - Fix use-after-free in bzip2recover Jakub Martisko CVE-2019-12900 - Detect out-of-range nSelectors in corrupted files Albert Astals Cid. Found through fuzzing karchive...

9.8CVSS1.9AI score0.15685EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/05/07 12:0 a.m.•26 views

buildbot -- OAuth Authentication Vulnerability

Buildbot accepted user-submitted authorization token from OAuth and used it to authenticate user. The vulnerability can lead to malicious attackers to authenticate as legitimate users of a Buildbot instance without knowledge of the victim's login credentials on certain scenarios. If an attacker h...

9.8CVSS4.4AI score0.01825EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/05/01 12:0 a.m.•26 views

serendipity -- XSS

MITRE: Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/mediachoose.tpl Editor Preview feature or the templates/2k11/admin/mediaitems.tpl Media Library feature...

6.1CVSS2.8AI score0.01293EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/03/27 12:0 a.m.•26 views

GnuTLS -- double free, invalid pointer access

The GnuTLS project reports: Tavis Ormandy from Google Project Zero found a memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected. It was found using the TLS fuzzer...

7.5CVSS1.9AI score0.58969EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/02/06 12:0 a.m.•26 views

py39-sqlalchemy11 -- multiple SQL Injection vulnerabilities

21k reports: SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the orderby parameter. nosecurity reports: SQLAlchemy 1.2.17 has SQL Injection when the groupby parameter can be controlled...

9.4AI score
Exploits0References4
FreeBSD
FreeBSD
•added 2019/02/06 12:0 a.m.•26 views

py39-sqlalchemy10 -- multiple SQL Injection vulnerabilities

21k reports: SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the orderby parameter. nosecurity reports: SQLAlchemy 1.2.17 has SQL Injection when the groupby parameter can be controlled...

9.4AI score
Exploits0References4
FreeBSD
FreeBSD
•added 2018/07/11 12:0 a.m.•26 views

qutebrowser -- Remote code execution due to CSRF

qutebrowser team reports: Due to a CSRF vulnerability affecting the qute://settings page, it was possible for websites to modify qutebrowser settings. Via settings like editor.command, this possibly allowed websites to execute arbitrary code...

9.3CVSS4.9AI score0.01187EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/07/09 12:0 a.m.•26 views

Libgit2 -- multiple vulnerabilities

The Git community reports: Out-of-bounds reads when reading objects from a packfile...

8.1CVSS2.4AI score0.02051EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/06/01 12:0 a.m.•26 views

h2o -- heap buffer overflow during logging

Marlies Ruck reports: Fix heap buffer overflow while trying to emit access log - see references for full details. CVE-2018-0608: Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service DoS via unspecified vectors...

9.8CVSS6.8AI score0.03815EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2018/03/20 12:0 a.m.•26 views

Gitlab -- multiple vulnerabilities

GitLab reports: SSRF in services and web hooks There were multiple server-side request forgery issues in the Services feature. An attacker could make requests to servers within the same network of the GitLab instance. This could lead to information disclosure, authentication bypass, or potentiall...

6.5CVSS6.9AI score0.01334EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2018/03/16 12:0 a.m.•26 views

libvorbis -- multiple vulnerabilities

NVD reports: Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbisanalysisheaderout in info.c when vi-channels=0, a similar issue to Mozilla bug 550184. In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the...

9.8CVSS6.8AI score0.05705EPSS
Exploits0
FreeBSD
FreeBSD
•added 2018/03/15 12:0 a.m.•26 views

Loofah -- XSS vulnerability

GitHub issue: This issue has been created for public disclosure of an XSS / code injection vulnerability that was responsibly reported by the Shopify Application Security Team. Loofah allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML...

6.1CVSS6.8AI score0.01984EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2018/01/29 12:0 a.m.•26 views

firefox -- Arbitrary code execution through unsanitized browser UI

The Mozilla Foundation reports: Mozilla developer Johann Hofmann reported that unsanitized output in the browser UI can lead to arbitrary code execution...

7.2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/01/12 12:0 a.m.•26 views

shibboleth-sp -- vulnerable to forged user attribute data

Shibboleth consortium reports: Shibboleth SP software vulnerable to forged user attribute data The Service Provider software relies on a generic XML parser to process SAML responses and there are limitations in older versions of the parser that make it impossible to fully disable Document Type...

6.5CVSS6.3AI score0.01518EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2017/11/30 12:0 a.m.•26 views

asterisk -- DOS Vulnerability in Asterisk chan_skinny

The Asterisk project reports: If the chanskinny AKA SCCP protocol channel driver is flooded with certain requests it can cause the asterisk process to use excessive amounts of virtual memory eventually causing asterisk to stop processing requests of any kind...

7.5CVSS7.7AI score0.81511EPSS
Exploits4References1
FreeBSD
FreeBSD
•added 2017/11/23 12:0 a.m.•26 views

xrdp -- local user can cause a denial of service

xrdp reports: The scpv0saccept function in the session manager uses an untrusted integer as a write length, which allows local users to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted input stream...

8.4CVSS8.5AI score0.00408EPSS
Exploits0
Total number of security vulnerabilities5000