Lucene search
K
FreebsdMost viewed

6583 matches found

FreeBSD
FreeBSD
•added 2007/03/09 12:0 a.m.•25 views

trac -- cross site scripting vulnerability

Secunia reports: The vulnerability is caused due to an error within the "download wiki page as text" function, which can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation may require that the victim uses IE...

0.3AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2007/02/19 12:0 a.m.•25 views

snort -- DCE/RPC preprocessor vulnerability

A IBM Internet Security Systems Protection Advisory reports: Snort is vulnerable to a stack-based buffer overflow as a result of DCE/RPC reassembly. This vulnerability is in a dynamic-preprocessor enabled in the default configuration, and the configuration for this preprocessor allows for...

10CVSS6.6AI score0.79319EPSS
Exploits15References2
FreeBSD
FreeBSD
•added 2007/02/06 12:0 a.m.•25 views

xmms -- Integer Overflow And Underflow Vulnerabilities

Secunia reports: Secunia Research has discovered two vulnerabilities in XMMS, which can be exploited by malicious people to compromise a user's system. 1 An integer underflow error exists in the processing of skin bitmap images. This can be exploited to cause a stack-based buffer overflow via...

7.3AI score
Exploits0
FreeBSD
FreeBSD
•added 2007/01/16 12:0 a.m.•25 views

zope -- cross-site scripting vulnerability

The Zope Team reports: A vulnerability has been discovered in Zope, where by certain types of misuse of HTTP GET, an attacker could gain elevated privileges. All Zope versions up to and including 2.10.2 are affected...

4.3CVSS6.5AI score0.01562EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2006/11/02 12:0 a.m.•25 views

plone -- user can masquerade as a group

Plone.org reports: PlonePAS-using Plone releases Plone 2.5 and Plone 2.5.1 has a potential vulnerability that allows a user to masquerade as a group. Please update your sites...

4.3CVSS6.4AI score0.00996EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2006/08/02 12:0 a.m.•25 views

drupal -- XSS vulnerability

The Drupal project reports: A malicious user can execute a cross site scripting attack by enticing someone to visit a Drupal site via a specially crafted link...

2.2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2006/07/03 12:0 a.m.•25 views

libwmf -- integer overflow vulnerability

Secunia reports: infamous41md has reported a vulnerability in libwmf, which potentially can be exploited by malicious people to compromise an application using the vulnerable library. The vulnerability is caused due to an integer overflow error when allocating memory based on a value taken direct...

7.5CVSS6.9AI score0.07745EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2006/06/28 12:0 a.m.•25 views

horde -- various problems in dereferrer

Horde 3.1.2 release announcement: Security Fixes: Closed XSS problems in dereferrer IE only, help viewer and problem reporting screen. Removed unused image proxy code from dereferrer...

4.3CVSS6.1AI score0.02064EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2006/06/14 12:0 a.m.•25 views

sendmail -- Incorrect multipart message handling

Problem Description A suitably malformed multipart MIME message can cause sendmail to exceed predefined limits on its stack usage. Impact An attacker able to send mail to, or via, a server can cause queued messages on the system to not be delivered, by causing the sendmail process which handles...

5CVSS6.1AI score0.05173EPSS
Exploits0
FreeBSD
FreeBSD
•added 2006/06/03 12:0 a.m.•25 views

freeradius -- authentication bypass vulnerability

The freeradius development team reports: A validation issue exists with the EAP-MSCHAPv2 module in all versions from 1.0.0 where the module first appeared to 1.1.0. Insufficient input validation was being done in the EAP-MSCHAPv2 state machine. A malicious attacker could manipulate their...

7.5CVSS6.5AI score0.0276EPSS
Exploits0
FreeBSD
FreeBSD
•added 2006/05/31 12:0 a.m.•25 views

gnupg -- user id integer overflow vulnerability

If GnuPG processes a userid with a very long packet length, GnuPG can crash due to insufficient bounds check. This can result in a denial-of-service condition or potentially execution of arbitrary code with the privileges of the user running GnuPG...

5CVSS7AI score0.07173EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2006/04/25 12:0 a.m.•25 views

ethereal -- Multiple Protocol Dissector Vulnerabilities

Secunia reports: Multiple vulnerabilities have been reported in Ethereal, which can be exploited by malicious people to cause a DoS Denial of Service or compromise a vulnerable system. The vulnerabilities are caused due to various types of errors including boundary errors, an off-by-one error, an...

10CVSS6.9AI score0.05028EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2006/04/13 12:0 a.m.•25 views

plone -- "member_id" Parameter Portrait Manipulation Vulnerability

Secunia reports: The vulnerability is caused due to missing security declarations in "changeMemberPortrait" and "deletePersonalPortrait". This can be exploited to manipulate or delete another user's portrait via the "memberid" parameter...

5CVSS6.4AI score0.03891EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2006/03/28 12:0 a.m.•25 views

horde -- remote code execution vulnerability in the help viewer

Horde 3.1.1 release announcement: Major changes compared to Horde 3.1 are: Fix for remote code execution vulnerability in the help viewer, discovered by Jan Schneider from the Horde team...

7.5CVSS7.3AI score0.38441EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2005/12/05 12:0 a.m.•25 views

phpmyadmin -- XSS vulnerabilities

A phpMyAdmin security advisory reports: It was possible to conduct an XSS attack via the HTTPHOST variable; also, some scripts in the libraries directory that handle header generation were vulnerable to XSS...

4.3CVSS5.9AI score0.01801EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2005/10/24 12:0 a.m.•25 views

phpbb -- multiple vulnerabilities

Multiple vulnerabilities have been reported within phpbb. phpbb is proven vulnerable to: script insertion, bypassing of protetion mechanisms, multiple cross site scripting vulnerabilities, SQL injection, arbitrary code execution...

7.5CVSS6.7AI score0.02367EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2005/10/02 12:0 a.m.•25 views

ruby -- vulnerability in the safe level settings

Ruby home page reports: The Object Oriented Scripting Language Ruby supports safely executing an untrusted code with two mechanisms: safe level and taint flag on objects. A vulnerability has been found that allows bypassing these mechanisms. By using the vulnerability, arbitrary code can be...

7.5CVSS6.8AI score0.03256EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/08/22 12:0 a.m.•25 views

pam_ldap -- authentication bypass vulnerability

Luke Howard reports: If a pamldap client authenticates against an LDAP server that returns a passwordPolicyResponse control, but omits the optional "error" field of the PasswordPolicyResponseValue, then the LDAP authentication result will be ignored and the authentication step will always succeed...

7.5CVSS6.6AI score0.03645EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/08/03 12:0 a.m.•25 views

openvpn -- multiple TCP clients connecting with the same certificate at the same time can crash the server

James Yonan reports: If two or more client machines try to connect to the server at the same time via TCP, using the same client certificate, and when --duplicate-cn is not enabled on the server, a race condition can crash the server with "Assertion failed at mtcp.c:411"...

2.6CVSS6.4AI score0.00967EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/08/02 12:0 a.m.•25 views

unzip -- permission race vulnerability

Imran Ghory reports a vulnerability within unzip. The vulnerability is caused by a race condition between extracting an archive and changing the permissions of the extracted files. This would give an attacker enough time to remove a file and hardlink it to another file owned by the user running...

1.2CVSS9.1AI score0.00399EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/07/24 12:0 a.m.•25 views

clamav -- multiple remote buffer overflows

An Secunia Advisory reports: Neel Mehta and Alex Wheeler have reported some vulnerabilities in Clam AntiVirus, which can be exploited by malicious people to cause a DoS Denial of Service or compromise a vulnerable system. Two integer overflow errors in "libclamav/tnef.c" when processing TNEF file...

2AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2005/05/04 12:0 a.m.•25 views

leafnode -- fetchnews denial-of-service triggered by transmission abort/timeout

When an upstream server aborts the transmission or stops sending data after the fetchnews program has requested an article header or body, fetchnews may crash, without querying further servers that are configured. This can prevent articles from being fetched...

5CVSS6.5AI score0.0143EPSS
Exploits0References8
FreeBSD
FreeBSD
•added 2005/03/29 12:0 a.m.•25 views

horde -- Horde Page Title Cross-Site Scripting Vulnerability

Secunia Advisory: SA14730 A vulnerability has been reported in Horde, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed when setting the parent frame's page title via JavaScript is not properly sanitised before being returned to the user. This can be...

4.3CVSS6.7AI score0.01235EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2005/02/28 12:0 a.m.•25 views

postnuke -- cross-site scripting (XSS) vulnerabilities

A cross-site scripting vulnerability is present in the PostNuke PHP content management system. By passing data injected through exploitable errors in input validation, an attacker can insert code which will run on the machine of anybody viewing the page. It is feasible that this attack could be...

4.3CVSS6.1AI score0.01164EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2005/02/03 12:0 a.m.•25 views

ngircd -- format string vulnerability

A No System Group security advisory reports that ngircd is vulnerable to a format string vulnerability in the LogResolver function of log.c, if IDENT support is enabled. This could allow a remote attacker to execute arbitrary code with the permissions of the ngircd daemon, which is root by defaul...

7.5CVSS7.1AI score0.0972EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2005/02/03 12:0 a.m.•25 views

htdig -- cross site scripting vulnerability

Michael Krax reports a vulnerability within htdig. The vulnerability lies within an unsanitized config parameter, allowing a malicious attacker to execute arbitrary scripting code on the target's browser. This might allow the attacker to obtain the user's cookies which are associated with the sit...

6.8CVSS7.1AI score0.02273EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/01/25 12:0 a.m.•25 views

zhcon -- unauthorized file access

Martin Joey Schulze reports: Erik Sjöund discovered that zhcon, a fast console CJK system using the Linux framebuffer, accesses a user-controlled configuration file with elevated privileges. Thus, it is possible to read arbitrary files. When installed from the FreeBSD Ports Collection, zhcon is...

2.1CVSS6.4AI score0.00477EPSS
Exploits1
FreeBSD
FreeBSD
•added 2005/01/18 12:0 a.m.•25 views

ethereal -- multiple protocol dissectors vulnerabilities

An Ethreal Security Advisories reports: Issues have been discovered in the following protocol dissectors: The COPS dissector could go into an infinite loop. CVE: CAN-2005-0006 The DLSw dissector could cause an assertion. CVE: CAN-2005-0007 The DNP dissector could cause memory corruption. CVE:...

7.5CVSS6.9AI score0.06308EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/11/14 12:0 a.m.•25 views

Overflow error in fetch

An integer overflow condition in fetch1 in the processing of HTTP headers can result in a buffer overflow. A malicious server or CGI script can respond to an HTTP or HTTPS request in such a manner as to cause arbitrary portions of the client's memory to be overwritten, allowing for arbitrary code...

10CVSS3.6AI score0.03062EPSS
Exploits0
FreeBSD
FreeBSD
•added 2004/10/26 12:0 a.m.•25 views

putty -- buffer overflow vulnerability in ssh2 support

There is a bug in SSH2 support that allows a server to execute malicious code on a connecting PuTTY client. This attack can be performed before host key verification happens, so a different machine -- man in the middle attack -- could fake the machine you are connecting to...

3.1AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2004/10/25 12:0 a.m.•25 views

xtrlock -- X display locking bypass

The X display locking program xtrlock contains an integer overflow bug. It is possible for an attacker with physical access to the system to bypass the display lock...

4.6CVSS6.6AI score0.00382EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2004/10/18 12:0 a.m.•25 views

cabextract -- insecure directory handling

cabextract has insufficient checks for file names that contain ../. This can cause files to be extracted to the parent directory...

5CVSS6.4AI score0.03588EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/08/24 12:0 a.m.•25 views

openoffice -- document disclosure

OpenOffice creates a working directory in /tmp on startup, and uses this directory to temporarily store document content. However, the permissions of the created directory may allow other user on the system to read these files, potentially exposing information the user likely assumed was...

2.1CVSS6.2AI score0.00559EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2004/08/20 12:0 a.m.•25 views

imwheel -- insecure handling of PID file

A Computer Academic Underground advisory describes the consequences of imwheel's handling of the process ID file PID file: imwheel exclusively uses a predictably named PID file for management of multiple imwheel processes. A race condition exists when the -k command-line option is used to kill...

0.2AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2004/06/23 12:0 a.m.•25 views

distcc -- incorrect parsing of IP access control rules

Fix bug that might cause IP-based access control rules not to be interpreted correctly on 64-bit platforms...

7.5CVSS6.5AI score0.01585EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/06/19 12:0 a.m.•25 views

sup -- format string vulnerability

Debian Security Advisory reports: [email protected] discovered a format string vulnerability in sup, a set of programs to synchronize collections of files across a number of machines, whereby a remote attacker could potentially cause arbitrary code to be executed with the privileges of the...

10CVSS6.8AI score0.0439EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/05/29 12:0 a.m.•25 views

bmon -- unsafe set-user-ID application

Jon Nistor reported that the FreeBSD port of bmon was installed set-user-ID root, and executes commands using relative paths. This could allow local user to easily obtain root privileges...

3.2AI score
Exploits0
FreeBSD
FreeBSD
•added 2004/05/05 12:0 a.m.•25 views

Several vulnerabilities found in PHPNuke

Janek Vind "waraxe" reports that several issues in the PHPNuke software may be exploited via carefully crafted URL requests. These URLs will permit the injection of SQL code, cookie theft, and the readability of the PHPNuke administrator account...

6.4CVSS7.4AI score0.08095EPSS
Exploits2References2
FreeBSD
FreeBSD
•added 2004/03/23 12:0 a.m.•25 views

mysql -- erroneous access restrictions applied to table renames

A Red Hat advisory reports: Oleksandr Byelkin discovered that "ALTER TABLE ... RENAME" checked the CREATE/INSERT rights of the old table instead of the new one. Table access restrictions, on the affected MySQL servers, may accidently or intentially be bypassed due to this bug...

7.5CVSS6.4AI score0.22352EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2004/01/26 12:0 a.m.•25 views

Several remotely exploitable buffer overflows in gaim

Stefan Esser of e-matters found almost a dozen remotely exploitable vulnerabilities in Gaim. From the e-matters advisory: While developing a custom add-on, an integer overflow in the handling of AIM DirectIM packets was revealed that could lead to a remote compromise of the IM client. After...

9.8CVSS6.3AI score0.11214EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2004/01/14 12:0 a.m.•25 views

kdepim exploitable buffer overflow in VCF reader

A buffer overflow is present in some versions of the KDE personal information manager kdepim which may be triggered when processing a specially crafted VCF file...

7.5CVSS6.7AI score0.06151EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2002/10/23 12:0 a.m.•25 views

pine remote denial-of-service attack

An attacker may send a specially-formatted email message that will cause pine to crash...

5CVSS6.3AI score0.09617EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2002/01/10 12:0 a.m.•25 views

nwclient -- multiple vulnerabilities

Insecure file permissions, network access control and DNS usage put systems that use Legato NetWorker at risk. When the software is running, several files that contain sensitive information are created with insecure permissions. The information exposed include passwords and can therefore be used...

6.2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2000/05/23 12:0 a.m.•25 views

qpopper format string vulnerability

An authenticated user may trigger a format string vulnerability present in qpopper's UIDL code, resulting in arbitrary code execution with group ID mail' privileges...

7.5CVSS7.2AI score0.03349EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2025/02/13 12:0 a.m.•24 views

PostgreSQL -- PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation

The PostgreSQL Project reports: Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, and PQescapeStringConn allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection...

8.1CVSS8AI score0.89472EPSS
Exploits10References1
FreeBSD
FreeBSD
•added 2024/12/18 12:0 a.m.•24 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 3 security fixes: 382291459 High CVE-2024-12692: Type Confusion in V8. Reported by Seunghyun Lee @0x10n on 2024-12-05 382190919 High CVE-2024-12693: Out of bounds memory access in V8. Reported by 303f06e3 on 2024-12-04 368222741 High CVE-2024-12694: U...

8.8CVSS7.7AI score0.06087EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2024/10/29 12:0 a.m.•24 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 2 security fixes: 375123371 Critical CVE-2024-10487: Out of bounds write in Dawn. Reported by Apple Security Engineering and Architecture SEAR on 2024-10-23 374310077 High CVE-2024-10488: Use after free in WebRTC. Reported by Cassidy Kim@cassidy6564 o...

8.8CVSS7.4AI score0.00653EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2024/10/02 12:0 a.m.•24 views

oauth2-proxy -- multiple vulnerabilities

The oauth2-proxy project reports: Vulnerabilities have been addressed: CVE-2024-24786 CVE-2024-24791 CVE-2024-24790 CVE-2024-24784 CVE-2024-28180 CVE-2023-45288...

9.8CVSS8.2AI score0.91969EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2024/09/26 12:0 a.m.•24 views

qt6-webengine -- Multiple vulnerabilities

Qt qtwebengine-chromium repo reports: Backports for 16 security bugs in Chromium: CVE-2024-9120: Use after free in Dawn CVE-2024-9122: Type Confusion in V8 CVE-2024-9123: Integer overflow in Skia CVE-2024-9369: Insufficient data validation in Mojo CVE-2024-9602: Type confusion in V8 CVE-2024-9603...

9.8CVSS8.4AI score0.05811EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2024/09/25 12:0 a.m.•24 views

Gitlab -- vulnerabilities

Gitlab reports: Maintainer can leak Dependency Proxy password by changing Dependency Proxy URL via crafted POST request AI feature reads unsanitized content, allowing for attacker to hide prompt injection Project reference can be exposed in system notes...

5.5CVSS6.8AI score0.00276EPSS
Exploits0References1
Total number of security vulnerabilities5000