Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
added 2021/05/05 12:0 a.m.24 views

cyrus-imapd -- Remote authenticated users could bypass intended access restrictions on certain server annotations.

Cyrus IMAP 3.4.1 Release Notes states: Fixed CVE-2021-32056: Remote authenticated users could bypass intended access restrictions on certain server annotations. Additionally, a long-standing bug in replication did not allow server annotations to be replicated. Combining these two bugs, a remote...

4.3CVSS4.3AI score0.017EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2021/04/07 12:0 a.m.24 views

opengrok -- Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise OpenGrok.

Bobby Rauch of Accenture reports: I ended up finding OpenGrok, and after careful testing, discovered that OpenGrok insecurely deserializes XML input, which can lead to Remote Code Execution. This vulnerability was found in all versions of OpenGrok 1.6.8 and was reported to Oracle. The vulnerabili...

8.8CVSS7.1AI score0.01427EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2021/03/20 12:0 a.m.24 views

gitea -- quoting in markdown text

The Gitea Team reports for release 1.13.5: Update to goldmark 1.3.3...

1.8AI score
Exploits0References1
FreeBSD
FreeBSD
added 2021/03/17 12:0 a.m.24 views

Gitlab -- Multiple vulnerabilities

Gigtlab reports: Remote code execution via unsafe user-controlled markdown rendering options...

4.6AI score
Exploits0References1
FreeBSD
FreeBSD
added 2021/01/04 12:0 a.m.24 views

asterisk -- Remote crash in res_pjsip_diversion

The Asterisk project reports: If a registered user is tricked into dialing a malicious number that sends lots of 181 responses to Asterisk, each one will cause a 181 to be sent back to the original caller with an increasing number of entries in the "Supported" header. Eventually the number of...

6.5CVSS1.3AI score0.03914EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2020/12/01 12:0 a.m.24 views

gitea -- multiple vulnerabilities

The Gitea Team reports for release 1.13.0: Add Allow-/Block-List for Migrate and Mirrors Prevent git operations for inactive users Disallow urlencoded new lines in git protocol paths if there is a port Mitigate Security vulnerability in the git hook feature Disable DSA ssh keys by default Set TLS...

0.2AI score
Exploits0References1
FreeBSD
FreeBSD
added 2020/10/01 12:0 a.m.24 views

py-matrix-synapse -- XSS vulnerability

Matrix developers reports: The fallback authentication endpoint served via Synapse were vulnerable to cross-site scripting XSS attacks. The impact depends on the configuration of the domain that Synapse is deployed on, but may allow access to cookies and other browser data, CSRF vulnerabilities,...

6.1CVSS5.1AI score0.01908EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2020/07/28 12:0 a.m.24 views

Ghostscript -- SAFER Sandbox Breakout

NVD reports: A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32t...

9.8CVSS9.3AI score0.05186EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2020/06/04 12:0 a.m.24 views

upnp -- denial of service (crash)

CVE mitre reports: Portable UPnP SDK aka libupnp 1.12.1 and earlier allows remote attackers to cause a denial of service crash via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/servicetable/servicetable.c...

7.5CVSS5.2AI score0.03469EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2020/05/12 12:0 a.m.24 views

FreeBSD -- Memory disclosure vulnerability in libalias

Problem Description: The FTP packet handler in libalias incorrectly calculates some packet lengths. This may result in disclosing small amounts of memory from the kernel for the in-kernel NAT implementation or from the process space for natd for the userspace implementation. Impact: A malicious...

5.5CVSS3.2AI score0.00523EPSS
Exploits0
FreeBSD
FreeBSD
added 2020/05/04 12:0 a.m.24 views

Wagtail -- potential timing attack vulnerability

Wagtail release notes: CVE-2020-11037: Potential timing attack on password-protected private pages This release addresses a potential timing attack on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password check is performed through ...

6.1CVSS1.4AI score0.0025EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2020/03/10 12:0 a.m.24 views

puppetserver and puppetdb -- Puppet Server and PuppetDB may leak sensitive information via metrics API

Puppetlabs reports: Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types which may contain sensitive information as we...

7.5CVSS7.2AI score0.07884EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2020/02/18 12:0 a.m.24 views

puppet6 -- Arbitrary Catalog Retrieval

Puppetlabs reports: Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the default node, the catalog ca...

6.5CVSS1.5AI score0.00823EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2019/10/29 12:0 a.m.24 views

RabbitMQ-C -- integer overflow leads to heap corruption

alanxz reports: When parsing a frame header, validate that the framesize is less than or equal to INT32MAX. Given framemax is limited between 0 and INT32MAX in amqplogin and friends, this does not change the API. This prevents a potential buffer overflow when a malicious client sends a framesize...

9.8CVSS7.5AI score0.03317EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2019/08/07 12:0 a.m.24 views

KDE Frameworks -- malicious .desktop files execute code

The KDE Community has released a security announcement: The syntax Key$e=$shell command in .desktop files, .directory files, and configuration files typically found in /.config was an intentional feature of KConfig, to allow flexible configuration. This could however be abused by malicious people...

7.8CVSS1.7AI score0.04069EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2019/08/03 12:0 a.m.24 views

doas -- Prevent passing of environment variables

Jesse Smith upstream author of the doas program reported: Previous versions of "doas" transferred most environment variables, such as USER, HOME, and PATH from the original user to the target user. Passing these variables could cause files in the wrong path or home directory to be read or written...

1AI score
Exploits0References2
FreeBSD
FreeBSD
added 2019/07/31 12:0 a.m.24 views

gitea -- multiple vulnerabilities

The Gitea Team reports: This release contains two security fixes, so we highly recommend updating...

1.2AI score
Exploits0References2
FreeBSD
FreeBSD
added 2019/03/21 12:0 a.m.24 views

znc -- Denial of Service

Mitre reports: ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service crash via invalid encoding...

6.5CVSS3AI score0.03133EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2019/02/25 12:0 a.m.24 views

glpi -- stored XSS

MITRE Corporation reports: inc/user.class.php in GLPI before 9.4.3 allows XSS via a user picture...

6.1CVSS2.7AI score0.01327EPSS
Exploits1References3
FreeBSD
FreeBSD
added 2018/12/17 12:0 a.m.24 views

botan2 -- Side channel during ECC key generation

botan2 developers reports: A timing side channel during ECC key generation could leak information about the high bits of the secret scalar. Such information allows an attacker to perform a brute force attack on the key somewhat more efficiently than they would otherwise. Found by Ján Jančár using...

5.9CVSS2AI score0.01525EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2018/10/17 12:0 a.m.24 views

OpenEXR -- heap buffer overflow, and out-of-memory bugs

Cary Phillips reports: OpenEXR IlmBase v2.4.0 fixes the following security vulnerabilities: CVE-2018-18444 Issue 351 Out of Memory CVE-2018-18443 Issue 350 heap-buffer-overflow The relevant patches have been backported to the FreeBSD ports...

8.8CVSS1.4AI score0.02615EPSS
Exploits2References3
FreeBSD
FreeBSD
added 2018/08/14 12:0 a.m.24 views

FreeBSD -- Unauthenticated EAPOL-Key Decryption Vulnerability

Problem Description: When using WPA2, EAPOL-Key frames with the Encrypted flag and without the MIC flag set, the data field was decrypted first without verifying the MIC. When the dta field was encrypted using RC4, for example, when negotiating TKIP as a pairwise cipher, the unauthenticated but...

5.5CVSS0.00383EPSS
Exploits0
FreeBSD
FreeBSD
added 2018/08/13 12:0 a.m.24 views

X11 Session -- SDDM allows unauthorised unlocking

MITRE reports: An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. The default configuration of SDDM on...

7.5CVSS3.3AI score0.01019EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2018/04/04 12:0 a.m.24 views

Gitlab -- multiple vulnerabilities

GitLab reports: Confidential issue comments in Slack, Mattermost, and webhook integrations. Persistent XSS in milestones data-milestone-id. Persistent XSS in filename of merge request...

4AI score
Exploits0References1
FreeBSD
FreeBSD
added 2018/03/14 12:0 a.m.24 views

moodle -- multiple vulnerabilities

moodle reports: Unauthenticated users can trigger custom messages to admin via paypal enrol script. Suspended users with OAuth 2 authentication method can still log in to the site...

8.1CVSS6.8AI score0.02135EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/11/25 12:0 a.m.24 views

libXfont -- permission bypass when opening files through symlinks

the freedesktop.org project reports: A non-privileged X client can instruct X server running under root to open any file by creating own directory with "fonts.dir", "fonts.alias" or any font file being a symbolic link to any other file in the system. X server will then open it. This can be issue...

5.5CVSS5.8AI score0.0042EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/11/15 12:0 a.m.24 views

FreeBSD -- POSIX shm allows jails to access global namespace

Problem Description: Named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or the host system. Impact: A malicious user that has access to a jailed system is able to abuse shared...

7.8CVSS7.3AI score0.00415EPSS
Exploits0
FreeBSD
FreeBSD
added 2017/11/15 12:0 a.m.24 views

FreeBSD -- Kernel data leak via ptrace(PT_LWPINFO)

Problem Description: Not all information in the struct ptracelwpinfo is relevant for the state of any thread, and the kernel does not fill the irrelevant bytes or short strings. Since the structure filled by the kernel is allocated on the kernel stack and copied to userspace, a leak of informatio...

3.3CVSS4.9AI score0.00362EPSS
Exploits0
FreeBSD
FreeBSD
added 2017/09/27 12:0 a.m.24 views

node -- access to unintended files

node developers report: Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was incompatible with the pathname validation used by unspecified community modules...

7.5CVSS7.4AI score0.53416EPSS
Exploits2References1
FreeBSD
FreeBSD
added 2017/09/20 12:0 a.m.24 views

libraw -- Out-of-bounds Read

libraw developers report: In LibRaw through 0.18.4, an out of bounds read flaw related to kodak65000loadraw has been reported in dcraw/dcraw.c and internal/dcrawcommon.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash...

9.1CVSS8.8AI score0.02095EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2017/09/09 12:0 a.m.24 views

libbson -- Denial of Service

mongodb developers report: In MongoDB libbson 1.7.0, the bsonitercodewscope function in bson-iter.c miscalculates a bsonutf8validate length argument, which allows remote attackers to cause a denial of service heap-based buffer over-read in the bsonutf8validate function in bson-utf8.c, as...

7.5CVSS7.4AI score0.02797EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2017/04/27 12:0 a.m.24 views

FreeBSD -- ipfilter(4) fragment handling panic

Problem Description: ipfilter4, capable of stateful packet inspection, using the "keep state" or "keep frags" rule options, will not only maintain the state of connections, such as TCP streams or UDP communication, it also maintains the state of fragmented packets. When a packet fragments are...

7.8CVSS7.4AI score0.02666EPSS
Exploits0
FreeBSD
FreeBSD
added 2017/04/12 12:0 a.m.24 views

asterisk -- Buffer Overrun in PJSIP transaction layer

The Asterisk project reports: A remote crash can be triggered by sending a SIP packet to Asterisk with a specially crafted CSeq header and a Via header with no branch parameter. The issue is that the PJSIP RFC 2543 transaction key generation algorithm does not allocate a large enough buffer. By...

2.1AI score
Exploits0References2
FreeBSD
FreeBSD
added 2017/03/28 12:0 a.m.24 views

phpMyAdmin -- bypass 'no password' restriction

The phpMyAdmin team reports: Summary Bypass $cfg'Servers'$i'AllowNoPassword' Description A vulnerability was discovered where the restrictions caused by $cfg'Servers'$i'AllowNoPassword' = false are bypassed under certain PHP versions. This can allow the login of users who have no password set eve...

1.6AI score
Exploits0References1
FreeBSD
FreeBSD
added 2016/12/06 12:0 a.m.24 views

FreeBSD -- Possible login(1) argument injection in telnetd(8)

Problem Description: An unexpected sequence of memory allocation failures combined with insufficient error checking could result in the construction and execution of an argument sequence that was not intended. Impact: An attacker who controls the sequence of memory allocation failures and success...

7.5CVSS2.2AI score0.01875EPSS
Exploits0
FreeBSD
FreeBSD
added 2016/07/26 12:0 a.m.24 views

collectd -- Network plugin heap overflow

The collectd Project reports: Emilien Gaspar has identified a heap overflow in collectd's network plugin which can be triggered remotely and is potentially exploitable...

9.1CVSS2.5AI score0.05695EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/05/01 12:0 a.m.24 views

jansson -- local denial of service vulnerabilities

QuickFuzz reports: A crash caused by stack exhaustion parsing a JSON was found...

7.5CVSS3.4AI score0.01894EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2016/02/15 12:0 a.m.24 views

kamailio -- SEAS Module Heap overflow

Stelios Tsampas reports: A remotely exploitable heap overflow vulnerability was found in Kamailio v4.3.4...

10CVSS2.7AI score0.30518EPSS
Exploits4References3
FreeBSD
FreeBSD
added 2016/01/19 12:0 a.m.24 views

xymon-server -- multiple vulnerabilities

J.C. Cleaver reports: CVE-2016-2054: Buffer overflow in xymond handling of "config" command CVE-2016-2055: Access to possibly confidential files in the Xymon configuration directory CVE-2016-2056: Shell command injection in the "useradm" and "chpasswd" web applications CVE-2016-2057: Incorrect...

9.8CVSS1.8AI score0.54507EPSS
Exploits7References1
FreeBSD
FreeBSD
added 2016/01/14 12:0 a.m.24 views

FreeBSD -- Linux compatibility layer setgroups(2) system call

Problem Description: A programming error in the Linux compatibility layer setgroups2 system call can lead to an unexpected results, such as overwriting random kernel memory contents. Impact: It is possible for a local attacker to overwrite portions of kernel memory, which may result in a privileg...

7.8CVSS2.2AI score0.00392EPSS
Exploits0
FreeBSD
FreeBSD
added 2016/01/07 12:0 a.m.24 views

php -- multiple vulnerabilities

PHP reports: Core: Fixed bug 70755 fpmlog.c memory leak and buffer overflow. GD: Fixed bug 70976 Memory Read via gdImageRotateInterpolated Array Index Out of Bounds. SOAP: Fixed bug 70900 SoapClient systematic out of memory error. Wddx Fixed bug 70661 Use After Free Vulnerability in WDDX Packet...

2.1AI score
Exploits0References2
FreeBSD
FreeBSD
added 2015/11/25 12:0 a.m.24 views

Salt -- information disclosure

Salt release notes report: CVE-2015-8034: Saving state.sls cache data to disk with insecure permissions This affects users of the state.sls function. The state run cache on the minion was being created with incorrect permissions. This file could potentially contain sensitive data that was inserte...

3.3CVSS4.7AI score0.00407EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/11/14 12:0 a.m.24 views

redmine -- multiple vulnerabilities

Redmine reports: Potential changeset message disclosure in issues API. Data disclosure on the time logging form...

5.3CVSS5.6AI score0.01931EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2015/10/08 12:0 a.m.24 views

codeigniter -- multiple XSS vulnerabilities

The CodeIgniter changelog reports: Fixed a number of XSS attack vectors in Security Library method xssclean thanks to Frans Rosén from Detectify...

3.9AI score
Exploits0References1
FreeBSD
FreeBSD
added 2015/08/21 12:0 a.m.24 views

pcre -- heap overflow vulnerability

Guanxing Wen reports: PCRE library is prone to a vulnerability which leads to Heap Overflow. During the compilation of a malformed regular expression, more data is written on the malloced block than the expected size output by compileregex. The Heap Overflow vulnerability is caused by the followi...

0.4AI score
Exploits0References2
FreeBSD
FreeBSD
added 2015/07/06 12:0 a.m.24 views

squid -- Improper Protection of Alternate Path with CONNECT requests

Squid security advisory 2015:2 reports: Squid configured with cachepeer and operating on explicit proxy traffic does not correctly handle CONNECT method peer responses. The bug is important because it allows remote clients to bypass security in an explicit gateway proxy. However, the bug is...

6.8CVSS8.5AI score0.16525EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2015/06/30 12:0 a.m.24 views

Joomla! -- Core - Open Redirect vulnerability

The JSST and the Joomla! Security Center report: 20150601 - Core - Open Redirect Inadequate checking of the return value allowed to redirect to an external page...

6.1CVSS6.4AI score0.00714EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/06/02 12:0 a.m.24 views

xen-tools -- PCI MSI mask bits inadvertently exposed to guests

The Xen Project reports: The mask bits optionally available in the PCI MSI capability structure are used by the hypervisor to occasionally suppress interrupt delivery. Unprivileged guests were, however, nevertheless allowed direct control of these bits. Interrupts may be observed by Xen at...

7.8CVSS8AI score0.03427EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2015/04/07 12:0 a.m.24 views

FreeBSD -- Insecure default GELI keyfile permissions

Problem Description: The default permission set by bsdinstall8 installer when configuring full disk encrypted ZFS is too open. Impact: A local attacker may be able to get a copy of the geli8 provider's keyfile which is located at a fixed location...

2.1CVSS6AI score0.0035EPSS
Exploits2
FreeBSD
FreeBSD
added 2015/01/18 12:0 a.m.24 views

ha -- Directory traversals

Alexander Cherepanov reports: Version 0.999b and older of ha archiver is susceptible to directory traversal vulnerabilities via absolute and relative paths...

7.5CVSS7.6AI score0.03323EPSS
Exploits0References1
Total number of security vulnerabilities5000