Lucene search
K
FreebsdMost viewed

6583 matches found

FreeBSD
FreeBSD
added 2024/09/02 12:0 a.m.24 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 4 security fixes: 357391257 High CVE-2024-8362: Use after free in WebAudio. Reported by Cassidy Kim@cassidy6564 on 2024-08-05 358485426 High CVE-2024-7970: Out of bounds write in V8. Reported by Cassidy Kim@cassidy6564 on 2024-08-09...

8.8CVSS7.7AI score0.00526EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2024/08/25 12:0 a.m.24 views

binutils -- Multiple vulnerabilities

[email protected] reports PR/281070: A new version of devel/binutils has been released fixing CVE-2023-1972, CVE-2023-25585, CVE-2023-25586, and CVE-2023-25588...

6.5CVSS8.3AI score0.00895EPSS
Exploits3
FreeBSD
FreeBSD
added 2024/08/21 12:0 a.m.24 views

Gitlab -- vulnerabilities

Gitlab reports: The GitLab Web Interface Does Not Guarantee Information Integrity When Downloading Source Code from Releases Denial of Service by importing maliciously crafted GitHub repository Prompt injection in "Resolve Vulnerabilty" results in arbitrary command execution in victim's pipeline ...

6.5CVSS8.1AI score0.00462EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/08/15 12:0 a.m.24 views

electron31 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-6989. Security: backported fix for CVE-2024-6991...

8.8CVSS7.4AI score0.00538EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2024/08/06 12:0 a.m.24 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 5 security fixes: 350528343 Critical CVE-2024-7532: Out of bounds memory access in ANGLE. Reported by wgslfuzz on 2024-07-02 353552540 High CVE-2024-7533: Use after free in Sharing. Reported by lime@limeSec from TIANGONG Team of Legendsec at QI-ANXIN...

8.8CVSS8.5AI score0.00783EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/07/17 12:0 a.m.24 views

electron29 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-6291. Security: backported fix for CVE-2024-6293. Security: backported fix for CVE-2024-6290. Security: backported fix for CVE-2024-6292...

8.8CVSS7AI score0.00546EPSS
Exploits4References4
FreeBSD
FreeBSD
added 2024/06/06 12:0 a.m.24 views

kanboard -- Project Takeover via IDOR in ProjectPermissionController

[email protected] reports: Kanboard is project management software that focuses on the Kanban methodology. The vuln is in app/Controller/ProjectPermissionController.php function addUser. The users permission to add users to a project only get checked on the URL parameter projectid. I...

8.2CVSS8AI score0.00353EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2024/05/16 12:0 a.m.24 views

OpenSSL -- Denial of Service vulnerability

The OpenSSL project reports: Excessive time spent checking DSA keys and parameters Low Checking excessively long DSA keys or parameters may be very slow...

5.3CVSS6.4AI score0.01131EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/05/08 12:0 a.m.24 views

QtNetworkAuth -- predictable seeding of PRNG in QAbstractOAuth

Andy Shaw reports: The OAuth1 implementation in QtNetworkAuth created nonces using a PRNG that was seeded with a predictable seed. This means that an attacker that can somehow control the time of the first OAuth1 flow of the process has a high chance of predicting the nonce used in said OAuth flo...

9.8CVSS6.6AI score0.0097EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2024/05/06 12:0 a.m.24 views

Jinja2 -- Vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter

[email protected] reports: Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each would then be interpreted as starting a separate...

6.9AI score
Exploits0References1
FreeBSD
FreeBSD
added 2024/04/07 12:0 a.m.24 views

frr - Multiple vulnerabilities

[email protected] reports: In FRRouting FRR through 9.1, there are multiples vulnerabilities. CVE-2024-31950: buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets CVE-2024-31951: buffer overflow and daemon crash in ospfteparseextlink for OSPF LSA packets...

6.5CVSS7.9AI score0.0054EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/03/26 12:0 a.m.24 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 7 security fixes: 327807820 Critical CVE-2024-2883: Use after free in ANGLE. Reported by Cassidy Kim@cassidy6564 on 2024-03-03 328958020 High CVE-2024-2885: Use after free in Dawn. Reported by wgslfuzz on 2024-03-11 330575496 High CVE-2024-2886: Use...

8.8CVSS7.6AI score0.19883EPSS
Exploits8References1
FreeBSD
FreeBSD
added 2024/02/21 12:0 a.m.24 views

Gitlab -- Vulnerabilities

Gitlab reports: Stored-XSS in user's profile page User with "admingroupmembers" permission can invite other groups to gain owner access ReDoS issue in the Codeowners reference extractor LDAP user can reset password using secondary email and login using direct authentication Bypassing group ip...

8.7CVSS7.7AI score0.51467EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/02/14 12:0 a.m.24 views

FreeBSD -- jail(2) information leak

Problem Description: The jail2 system call has not limited a visiblity of allocated TTYs the kern.ttys sysctl. This gives rise to an information leak about processes outside the current jail. Impact: Attacker can get information about TTYs allocated on the host or in other jails. Effectively, the...

3.3CVSS6.8AI score0.00181EPSS
Exploits0
FreeBSD
FreeBSD
added 2024/01/22 12:0 a.m.24 views

suricata -- multiple vulnerabilities

Suricata team reports: Multiple vulnerabilities fixed in the last release of suricata. No details have been disclosed yet...

8.1CVSS7.6AI score0.01193EPSS
Exploits1
FreeBSD
FreeBSD
added 2023/12/13 12:0 a.m.24 views

Gitlab -- vulnerabilities

Gitlab reports: Smartcard authentication allows impersonation of arbitrary user using user's public certificate When subgroup is allowed to merge or push to protected branches, subgroup members with the Developer role may gain the ability to push or merge The GitLab web interface does not ensure...

8.8CVSS7.8AI score0.00733EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/11/14 12:0 a.m.24 views

typo3 -- Multiple vulnerabilities

[email protected] reports: Weak Authentication in Session Handling in typo3/cms-core: In typo3 installations there are always at least two different sites. Eg. first.example.org and second.example.com. In affected versions a session cookie generated for the first site can be reused o...

6.1CVSS6AI score0.00574EPSS
Exploits1References3
FreeBSD
FreeBSD
added 2023/11/08 12:0 a.m.24 views

FreeBSD -- Incorrect libcap_net limitation list manipulation

Problem Description: Casper services allow limiting operations that a process can perform. Each service maintains a specific list of permitted operations. Certain operations can be further restricted, such as specifying which domain names can be resolved. During the verification of limits, the...

7.5CVSS6.7AI score0.00511EPSS
Exploits0
FreeBSD
FreeBSD
added 2023/09/27 12:0 a.m.24 views

Account takeover through API in GLPI

[email protected] reports: GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. An API user that have read access on users resource can steal...

8.8CVSS7.1AI score0.00737EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/09/16 12:0 a.m.24 views

vorbistools -- heap buffer overflow in oggenc

Frank-Z7 reports: Heap buffer overflow when vorbis-tools/oggenc converts WAV files to Ogg files...

7.8CVSS7.4AI score0.00448EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2023/09/06 12:0 a.m.24 views

FreeBSD -- pf incorrectly handles multiple IPv6 fragment headers

Problem Description: With a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. That is, a packet with multiple fragment extension headers would not be recognized as the correct ultimate payload. Instead a pack...

7.5CVSS7.3AI score0.0068EPSS
Exploits0
FreeBSD
FreeBSD
added 2023/07/13 12:0 a.m.24 views

GLPI vulnerable to SQL injection via dashboard administration

[email protected] reports: GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An administrator can trigger SQL injection via dashboards administration. This vulnerability has been patched in...

9.1CVSS8.3AI score0.00576EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/06/30 12:0 a.m.24 views

SoftEtherVPN -- multiple vulnerabilities

Daiyuu Nobori reports: The SoftEther VPN project received a high level code review and technical assistance from Cisco Systems, Inc. of the United States from April to June 2023 to fix several vulnerabilities in the SoftEther VPN code. The risk of exploitation of any of the fixed vulnerabilities ...

9CVSS7.9AI score0.01543EPSS
Exploits6References1
FreeBSD
FreeBSD
added 2023/06/06 12:0 a.m.24 views

Grafana -- Broken access control: viewer can send test alerts

Grafana Labs reports: Grafana can allow an attacker in the Viewer role to send alerts by API Alert - Test. This option, however, is not available in the user panel UI for the Viewer role. The CVSS score for this vulnerability is 4.1 Medium CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N...

7.5CVSS6.9AI score0.01027EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2023/04/25 12:0 a.m.24 views

element-web -- matrix-react-sdk vulnerable to HTML injection in search results via plaintext message highlighting

Matrix developers report: matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching...

5.4CVSS6.1AI score0.00617EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/01/27 12:0 a.m.24 views

py-cinder -- unauthorized data access

Utkarsh Gupta reports: An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specif...

5.7CVSS5.4AI score0.01025EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2023/01/16 12:0 a.m.24 views

Spotipy -- Path traversal vulnerability

Stéphane Bruckert If a malicious URI is passed to the library, the library can be tricked into performing an operation on a different API endpoint than intended...

4.3CVSS5.2AI score0.00653EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2023/01/04 12:0 a.m.24 views

devel/viewvc-devel is vulnerable to cross-site scripting

C. Michael Pilato reports: security fix: escape revision view copy paths 311 CVE-2023-22464 security fix: escape revision view changed paths 311 CVE-2023-22456...

6.1CVSS6.1AI score0.00694EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2022/12/23 12:0 a.m.24 views

py27-setuptools44 -- denial of service vulnerability

SCH227 reports: Python Packaging Authority PyPA's setuptools is a library designed to facilitate packaging Python projects. Setuptools version 65.5.0 and earlier could allow remote attackers to cause a denial of service by fetching malicious HTML from a PyPI package or custom PackageIndex page du...

5.9CVSS6.2AI score0.02617EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2022/11/21 12:0 a.m.24 views

py-tensorflow -- denial of service vulnerability

Kang Hong Jin, Neophytos Christou, 刘力源 and Pattarakrit Rattankul report: Another instance of CVE-2022-35935, where SobolSample is vulnerable to a denial of service via assumed scalar inputs, was found and fixed. Pattarakrit Rattankul reports: Another instance of CVE-2022-35991, where...

7.5CVSS7.4AI score0.00441EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2022/11/02 12:0 a.m.24 views

pixman -- heap overflow

Pixman reports: for release 0.42.2 Avoid integer overflow leading to out-of-bounds write...

8.8CVSS2.4AI score0.0144EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2022/09/26 12:0 a.m.24 views

py39-joblib -- arbitrary code execution

jimlinntu reports: The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the predispatch flag in Parallel class due to the eval statement...

9.8CVSS9.5AI score0.01975EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2022/04/21 12:0 a.m.24 views

zeek -- potential DoS vulnerabilty

Tim Wojtulewicz of Corelight reports: Fix potential unbounded state growth in the FTP analyzer when receiving a specially-crafted stream of commands. This may lead to a buffer overflow and cause Zeek to crash. Due to the possibility of this happening with packets received from the network, this i...

1.4AI score
Exploits0References1
FreeBSD
FreeBSD
added 2022/04/11 12:0 a.m.24 views

MinIO -- unprivileged users can create service accounts for admin users

MinIO reports: A security issue was found where an unprivileged user is able to create service accounts for root or other admin users and then is able to assume their access policies via the generated credentials...

9CVSS4.9AI score0.02085EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2022/04/06 12:0 a.m.24 views

FreeBSD -- Bhyve e82545 device emulation out-of-bounds write

Problem Description: The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload "TSO". The e1000 device model uses an...

8.8CVSS1.5AI score0.00209EPSS
Exploits0
FreeBSD
FreeBSD
added 2022/03/25 12:0 a.m.24 views

powerdns -- denial of service

PowerDNS Team reports: PowerDNS Security Advisory 2022-01: incomplete validation of incoming IXFR transfer in Authoritative Server and Recursor...

7.5CVSS4.4AI score0.04908EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/01/23 12:0 a.m.24 views

xrdp -- privilege escalation

xrdp project reports: An integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is accessible to a sesman server listens by default on localhost when installing xrdp, but can be remote if configured otherwise to execute code as root...

7.8CVSS3.9AI score0.00485EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/01/12 12:0 a.m.24 views

clamav -- invalid pointer read that may cause a crash

Laurent Delosieres reports: Fix for invalid pointer read that may cause a crash. This issue affects 0.104.1, 0.103.4 and prior when ClamAV is compiled with libjson-c and the CLSCANGENERALCOLLECTMETADATA scan option the clamscan --gen-json option is enabled...

7.5CVSS1.8AI score0.03061EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2021/11/18 12:0 a.m.24 views

py-matrix-synapse -- several vulnerabilities

Matrix developers report: This release patches one high severity issue affecting Synapse installations 1.47.0 and earlier using the media repository. An attacker could cause these Synapses to download a remote file and store it in a directory outside the media repository. Note that: This only...

7.5CVSS7.3AI score0.01514EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2021/10/12 12:0 a.m.24 views

minio -- policy restriction issue

minio developers report: Looks like policy restriction was not working properly for normal users when they are not svc or STS accounts. svc accounts are now properly fixed to get right permissions when its inherited, so we do not have to set 'owner = true' sts accounts have always been using righ...

8.8CVSS2.4AI score0.01244EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2021/09/13 12:0 a.m.24 views

tcpslice -- heap-based use-after-free in extract_slice()

The Tcpdump Group reports: heap-based use-after-free in extractslice...

5.5CVSS0.6AI score0.0087EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2021/08/24 12:0 a.m.24 views

FreeBSD -- Remote code execution in ggatec(8)

Problem Description: The ggatec8 daemon does not validate the size of a response before writing it to a fixed-sized buffer. This allows to overwrite the stack of ggatec8. Impact: A malicious ggated8 or an attacker in a priviledged network position can overwrite the stack with crafted content and...

8.1CVSS5.1AI score0.01578EPSS
Exploits0
FreeBSD
FreeBSD
added 2021/05/05 12:0 a.m.24 views

cyrus-imapd -- Remote authenticated users could bypass intended access restrictions on certain server annotations.

Cyrus IMAP 3.4.1 Release Notes states: Fixed CVE-2021-32056: Remote authenticated users could bypass intended access restrictions on certain server annotations. Additionally, a long-standing bug in replication did not allow server annotations to be replicated. Combining these two bugs, a remote...

4.3CVSS4.3AI score0.017EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2021/04/07 12:0 a.m.24 views

opengrok -- Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise OpenGrok.

Bobby Rauch of Accenture reports: I ended up finding OpenGrok, and after careful testing, discovered that OpenGrok insecurely deserializes XML input, which can lead to Remote Code Execution. This vulnerability was found in all versions of OpenGrok 1.6.8 and was reported to Oracle. The vulnerabili...

8.8CVSS7.1AI score0.01427EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2021/03/20 12:0 a.m.24 views

gitea -- quoting in markdown text

The Gitea Team reports for release 1.13.5: Update to goldmark 1.3.3...

1.8AI score
Exploits0References1
FreeBSD
FreeBSD
added 2021/03/17 12:0 a.m.24 views

Gitlab -- Multiple vulnerabilities

Gigtlab reports: Remote code execution via unsafe user-controlled markdown rendering options...

4.6AI score
Exploits0References1
FreeBSD
FreeBSD
added 2021/01/04 12:0 a.m.24 views

asterisk -- Remote crash in res_pjsip_diversion

The Asterisk project reports: If a registered user is tricked into dialing a malicious number that sends lots of 181 responses to Asterisk, each one will cause a 181 to be sent back to the original caller with an increasing number of entries in the "Supported" header. Eventually the number of...

6.5CVSS1.3AI score0.03914EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2020/12/01 12:0 a.m.24 views

gitea -- multiple vulnerabilities

The Gitea Team reports for release 1.13.0: Add Allow-/Block-List for Migrate and Mirrors Prevent git operations for inactive users Disallow urlencoded new lines in git protocol paths if there is a port Mitigate Security vulnerability in the git hook feature Disable DSA ssh keys by default Set TLS...

0.2AI score
Exploits0References1
FreeBSD
FreeBSD
added 2020/10/01 12:0 a.m.24 views

py-matrix-synapse -- XSS vulnerability

Matrix developers reports: The fallback authentication endpoint served via Synapse were vulnerable to cross-site scripting XSS attacks. The impact depends on the configuration of the domain that Synapse is deployed on, but may allow access to cookies and other browser data, CSRF vulnerabilities,...

6.1CVSS5.1AI score0.01908EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2020/07/28 12:0 a.m.24 views

Ghostscript -- SAFER Sandbox Breakout

NVD reports: A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32t...

9.8CVSS9.3AI score0.05186EPSS
Exploits0References1
Total number of security vulnerabilities5000