Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
•added 2019/06/23 12:0 a.m.•26 views

bzip2 -- multiple issues

bzip2 developers reports: CVE-2016-3189 - Fix use-after-free in bzip2recover Jakub Martisko CVE-2019-12900 - Detect out-of-range nSelectors in corrupted files Albert Astals Cid. Found through fuzzing karchive...

9.8CVSS1.9AI score0.15831EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/05/07 12:0 a.m.•26 views

buildbot -- OAuth Authentication Vulnerability

Buildbot accepted user-submitted authorization token from OAuth and used it to authenticate user. The vulnerability can lead to malicious attackers to authenticate as legitimate users of a Buildbot instance without knowledge of the victim's login credentials on certain scenarios. If an attacker h...

9.8CVSS4.4AI score0.01825EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/05/01 12:0 a.m.•26 views

serendipity -- XSS

MITRE: Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/mediachoose.tpl Editor Preview feature or the templates/2k11/admin/mediaitems.tpl Media Library feature...

6.1CVSS2.8AI score0.01293EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/03/27 12:0 a.m.•26 views

GnuTLS -- double free, invalid pointer access

The GnuTLS project reports: Tavis Ormandy from Google Project Zero found a memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected. It was found using the TLS fuzzer...

7.5CVSS1.9AI score0.58969EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/02/06 12:0 a.m.•26 views

py39-sqlalchemy11 -- multiple SQL Injection vulnerabilities

21k reports: SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the orderby parameter. nosecurity reports: SQLAlchemy 1.2.17 has SQL Injection when the groupby parameter can be controlled...

9.4AI score
Exploits0References4
FreeBSD
FreeBSD
•added 2019/02/06 12:0 a.m.•26 views

py39-sqlalchemy10 -- multiple SQL Injection vulnerabilities

21k reports: SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the orderby parameter. nosecurity reports: SQLAlchemy 1.2.17 has SQL Injection when the groupby parameter can be controlled...

9.4AI score
Exploits0References4
FreeBSD
FreeBSD
•added 2018/07/11 12:0 a.m.•26 views

qutebrowser -- Remote code execution due to CSRF

qutebrowser team reports: Due to a CSRF vulnerability affecting the qute://settings page, it was possible for websites to modify qutebrowser settings. Via settings like editor.command, this possibly allowed websites to execute arbitrary code...

9.3CVSS4.9AI score0.01187EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/07/09 12:0 a.m.•26 views

Libgit2 -- multiple vulnerabilities

The Git community reports: Out-of-bounds reads when reading objects from a packfile...

8.1CVSS2.4AI score0.02051EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/03/26 12:0 a.m.•26 views

mozilla -- use-after-free in compositor

The Mozilla Foundation reports: CVE-2018-5148: Use-after-free in compositor A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash...

9.8CVSS9.3AI score0.03013EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/03/20 12:0 a.m.•26 views

Gitlab -- multiple vulnerabilities

GitLab reports: SSRF in services and web hooks There were multiple server-side request forgery issues in the Services feature. An attacker could make requests to servers within the same network of the GitLab instance. This could lead to information disclosure, authentication bypass, or potentiall...

6.5CVSS6.9AI score0.01334EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2018/03/16 12:0 a.m.•26 views

libvorbis -- multiple vulnerabilities

NVD reports: Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbisanalysisheaderout in info.c when vi-channels=0, a similar issue to Mozilla bug 550184. In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the...

9.8CVSS6.8AI score0.05705EPSS
Exploits0
FreeBSD
FreeBSD
•added 2018/03/15 12:0 a.m.•26 views

Loofah -- XSS vulnerability

GitHub issue: This issue has been created for public disclosure of an XSS / code injection vulnerability that was responsibly reported by the Shopify Application Security Team. Loofah allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML...

6.1CVSS6.8AI score0.01984EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2018/01/29 12:0 a.m.•26 views

firefox -- Arbitrary code execution through unsanitized browser UI

The Mozilla Foundation reports: Mozilla developer Johann Hofmann reported that unsanitized output in the browser UI can lead to arbitrary code execution...

7.2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/01/12 12:0 a.m.•26 views

shibboleth-sp -- vulnerable to forged user attribute data

Shibboleth consortium reports: Shibboleth SP software vulnerable to forged user attribute data The Service Provider software relies on a generic XML parser to process SAML responses and there are limitations in older versions of the parser that make it impossible to fully disable Document Type...

6.5CVSS6.3AI score0.01518EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2017/11/30 12:0 a.m.•26 views

asterisk -- DOS Vulnerability in Asterisk chan_skinny

The Asterisk project reports: If the chanskinny AKA SCCP protocol channel driver is flooded with certain requests it can cause the asterisk process to use excessive amounts of virtual memory eventually causing asterisk to stop processing requests of any kind...

7.5CVSS7.7AI score0.81511EPSS
Exploits4References1
FreeBSD
FreeBSD
•added 2017/11/23 12:0 a.m.•26 views

xrdp -- local user can cause a denial of service

xrdp reports: The scpv0saccept function in the session manager uses an untrusted integer as a write length, which allows local users to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted input stream...

8.4CVSS8.5AI score0.00408EPSS
Exploits0
FreeBSD
FreeBSD
•added 2017/10/11 12:0 a.m.•26 views

jenkins -- multiple issues

jenkins developers report: A total of 11 issues are reported, please see reference URL for details...

1.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/10/09 12:0 a.m.•26 views

asterisk -- Buffer overflow in CDR's set user

The Asterisk project reports: No size checking is done when setting the user field for Party B on a CDR. Thus, it is possible for someone to use an arbitrarily large string and write past the end of the user field storage buffer. The earlier AST-2017-001 advisory for the CDR user field overflow w...

8.8CVSS8.7AI score0.03344EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/04/11 12:0 a.m.•26 views

libsamplerate -- multiple vulnerabilities

NVD reports: In libsamplerate before 0.1.9, a buffer over-read occurs in the calcoutputsingle function in srcsinc.c via a crafted audio file...

5.5CVSS4.2AI score0.00913EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/02/28 12:0 a.m.•26 views

kio: Information Leak when accessing https when using a malicious PAC file

Albert Astals Cid reports: Using a malicious PAC file, and then using exfiltration methods in the PAC function FindProxyForURL enables the attacker to expose full https URLs. This is a security issue since https URLs may contain sensitive information in the URL authentication part...

Exploits0References1
FreeBSD
FreeBSD
•added 2017/01/11 12:0 a.m.•26 views

ikiwiki -- authentication bypass vulnerability

ikiwiki reports: The ikiwiki maintainers discovered further flaws similar to CVE-2016-9646 in the passwordauth plugin's use of CGI::FormBuilder, with a more serious impact: An attacker who can log in to a site with a password can log in as a different and potentially more privileged user. An...

5.3CVSS7.7AI score0.01178EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/12/06 12:0 a.m.•26 views

FreeBSD -- bhyve(8) virtual machine escape

Problem Description: The bounds checking of accesses to guest memory greater than 4GB by device emulations is subject to integer overflow. Impact: For a bhyve virtual machine with more than 3GB of guest memory configured, a malicious guest could craft device descriptors that could give it access ...

7.8CVSS1.2AI score0.00326EPSS
Exploits0
FreeBSD
FreeBSD
•added 2016/10/31 12:0 a.m.•26 views

moinmoin -- XSS vulnerabilities

Thomas Waldmann reports: fix XSS in AttachFile view multifile related CVE-2016-7148 fix XSS in GUI editor's attachment dialogue CVE-2016-7146 fix XSS in GUI editor's link dialogue CVE-2016-9119...

6.1CVSS2.5AI score0.01452EPSS
Exploits4References1
FreeBSD
FreeBSD
•added 2016/09/12 12:0 a.m.•26 views

moodle -- multiple vulnerabilities

Marina Glancy reports: MSA-16-0022: Web service tokens should be invalidated when the user password is changed or forced to be changed...

7.3CVSS2.1AI score0.00972EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/07/24 12:0 a.m.•26 views

kdelibs -- directory traversal vulnerability

David Faure reports: A maliciously crafted archive .zip or .tar.bz2 with "../" in the file paths could be offered for download via the KNewStuff framework e.g. on www.kde-look.org, and upon extraction would install files anywhere in the user's home directory...

7.5CVSS3.3AI score0.04429EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2016/07/17 12:0 a.m.•26 views

p7zip -- Null pointer dereference

MITRE reports: A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams, as used in the 7z.so library and in 7z applications, will cause a crash and a...

7.5CVSS3.3AI score0.07016EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2016/04/18 12:0 a.m.•26 views

dnsmasq -- denial of service

reports: Dnsmasq before 2.76 allows remote servers to cause a denial of service crash via a reply with an empty DNS address that has an 1 A or 2 AAAA record defined locally...

7.5CVSS7.5AI score0.02415EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2016/04/02 12:0 a.m.•26 views

ansible -- use of predictable paths in lxc_container

Ansible developers report: CVE-2016-3096: do not use predictable paths in lxccontainer do not use a predictable filename for the LXC attach script don't use predictable filenames for LXC attach script logging don't set a predictable archivepath this should prevent symlink attacks which could resu...

7.8CVSS2.1AI score0.00468EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2016/03/28 12:0 a.m.•26 views

squid -- multiple vulnerabilities

Squid security advisory 2016:3 reports: Due to a buffer overrun Squid pinger binary is vulnerable to denial of service or information leak attack when processing ICMPv6 packets. This bug also permits the server response to manipulate other ICMP and ICMPv6 queries processing to cause information...

1.2AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2016/02/18 12:0 a.m.•26 views

chromium -- same origin bypass

Google Chrome Releases reports: 583431 Critical CVE-2016-1629: Same-origin bypass in Blink and Sandbox escape in Chrome. Credit to anonymous...

10CVSS1.6AI score0.02639EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/02/15 12:0 a.m.•26 views

hadoop2 -- unauthorized disclosure of data vulnerability

Arun Suresh reports: RPC traffic from clients, potentially including authentication credentials, may be intercepted by a malicious user with access to run tasks or containers on a cluster...

6.2CVSS6.4AI score0.00318EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2016/01/22 12:0 a.m.•26 views

dhcpcd -- remote code execution/denial of service

MITRE reports: The printoption function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of...

6.8CVSS7.9AI score0.01841EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/12/25 12:0 a.m.•26 views

phpMyAdmin -- path disclosure vulnerability

The phpMyAdmin development team reports: By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. We consider these vulnerabilities to ...

5.3CVSS5.9AI score0.02197EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/16 12:0 a.m.•26 views

strongswan -- authentication bypass vulnerability in the eap-mschapv2 plugin

Strongswan Release Notes reports: Fixed an authentication bypass vulnerability in the eap-mschapv2 plugin that was caused by insufficient verification of the internal state when handling MSCHAPv2 Success messages received by the client. This vulnerability has been registered as CVE-2015-8023...

5CVSS7.7AI score0.02582EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/14 12:0 a.m.•26 views

subversion -- multiple vulnerabilities

Subversion Project reports: Remotely triggerable heap overflow and out-of-bounds read caused by integer overflow in the svn:// protocol parser. Remotely triggerable heap overflow and out-of-bounds read in moddavsvn caused by integer overflow when parsing skel-encoded request bodies...

9CVSS8AI score0.57037EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/10/20 12:0 a.m.•26 views

libebml -- multiple vulnerabilities

Mortiz Bunkus reports: Multiple invalid memory accesses vulnerabilities...

9.6CVSS6.1AI score0.02126EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/09/30 12:0 a.m.•26 views

james -- multiple vulnerabilities

The Apache James Project reports: This release has many enhancements and bug fixes over the previous release. See the Release Notes for a detailed list of changes. Some of the earlier defects could turn a James mail server into an Open Relay and allow files to be written on disk. All users of Jam...

9.3CVSS7.9AI score0.68603EPSS
Exploits5References2
FreeBSD
FreeBSD
•added 2015/09/16 12:0 a.m.•26 views

openslp -- denial of service vulnerability

Qinghao Tang reports: The function ParseExtension in openslp 1.2.1 contains vulnerability: an attacker can cause a denial of service infinite loop via a packet with crafted "nextoffset" value and "extid" value...

4.2AI score
Exploits1References1
FreeBSD
FreeBSD
•added 2015/09/13 12:0 a.m.•26 views

shutter -- arbitrary code execution

Luke Farone reports: In the "Shutter" screenshot application, I discovered that using the "Show in folder" menu option while viewing a file with a specially-crafted path allows for arbitrary code execution with the permissions of the user running Shutter...

9.3CVSS8AI score0.02504EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/09/04 12:0 a.m.•26 views

ganglia-webfrontend -- auth bypass

Ivan Novikov reports: It's easy to bypass auth by using boolean serialization...

9.8CVSS9.2AI score0.03562EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2015/08/28 12:0 a.m.•26 views

freeimage -- multiple integer overflows

Pcheng pcheng reports: An integer overflow issue in the FreeImage project was reported and fixed recently...

5CVSS7.9AI score0.02975EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/08/25 12:0 a.m.•26 views

FreeBSD -- Local privilege escalation in IRET handler

Problem Description: If the kernel-mode IRET instruction generates an SS or NP exception, but the exception handler does not properly ensure that the right GS register base for kernel is reloaded, the userland GS segment may be used in the context of the kernel exception handler. Impact: By causi...

7.8CVSS7.6AI score0.00568EPSS
Exploits0
FreeBSD
FreeBSD
•added 2015/08/13 12:0 a.m.•26 views

unreal -- denial of service

Unreal reports: Summary: If SASL support is enabled in UnrealIRCd this is not the default and is also enabled in your services package then a malicious user with a services account can cause UnrealIRCd to crash...

1.8AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2015/08/12 12:0 a.m.•26 views

pear-twig -- remote code execution

Fabien Potencier reports: End users can craft valid Twig code that allows them to execute arbitrary code RCEs via the self variable, which is always available, even in sandboxed templates...

6.8CVSS7.3AI score0.03398EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/08/08 12:0 a.m.•26 views

libpgf -- use-after-free

Pengsu Cheng reports: An use-after-free issue in Decoder.cpp was reported to upstream. The problem is due to lack of validation of ColorTableSize...

9.8CVSS9.1AI score0.01908EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/08/05 12:0 a.m.•26 views

FreeBSD -- routed(8) remote denial of service vulnerability

Problem Description: The input path in routed8 will accept queries from any source and attempt to answer them. However, the output path assumes that the destination address for the response is on a directly connected network. Impact: Upon receipt of a query from a source which is not on a directl...

6.5CVSS6.4AI score0.02649EPSS
Exploits0
FreeBSD
FreeBSD
•added 2015/08/03 12:0 a.m.•26 views

qemu, xen-tools -- use-after-free in QEMU/Xen block unplug protocol

The Xen Project reports: When unplugging an emulated block device the device was not fully unplugged, meaning a second unplug attempt would attempt to unplug the device a second time using a previously freed pointer. An HVM guest which has access to an emulated IDE disk device may be able to...

7.2CVSS6.8AI score0.00426EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/07/22 12:0 a.m.•26 views

logstash -- SSL/TLS vulnerability with Lumberjack input

Elastic reports: Vulnerability Summary: All Logstash versions prior to 1.5.2 that use Lumberjack input in combination with Logstash Forwarder agent are vulnerable to a SSL/TLS security issue called the FREAK attack. This allows an attacker to intercept communication and access secure data. Users...

7.5CVSS7.4AI score0.02462EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/06/17 12:0 a.m.•26 views

ghostscript -- denial of service (crash) via crafted Postscript files

MITRE reports: Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or wri...

6.8CVSS6.4AI score0.03748EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/04/07 12:0 a.m.•26 views

dnsmasq -- data exposure and denial of service

Nick Sampanis reported a potential memory exposure and denial of service vulnerability against dnsmasq 2.72. The CVE entry summarizes this as: The tcprequest function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setupreply function, which allows remote attackers to...

6.4CVSS8.7AI score0.04456EPSS
Exploits1References2
Total number of security vulnerabilities5000