Lucene search
K
FreebsdMost viewed

6583 matches found

FreeBSD
FreeBSD
•added 2010/01/29 12:0 a.m.•65 views

sudo -- Privilege escalation with sudoedit

Todd Miller reports: When sudo performs its command matching, there is a special case for pseudo-commands in the sudoers file currently, the only pseudo-command is sudoedit. Unlike a regular command, pseudo-commands do not begin with a slash '/'. The flaw is that sudo's the matching code would on...

6.9CVSS7.3AI score0.01125EPSS
Exploits2References3
FreeBSD
FreeBSD
•added 2024/09/03 12:0 a.m.•64 views

OpenSSL -- Multiple vulnerabilities

The OpenSSL project reports: Possible denial of service in X.509 name checks Moderate severity Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process...

7.5AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2023/10/17 12:0 a.m.•64 views

MySQL -- Multiple vulnerabilities

Oracle reports: This Critical Patch Update contains 37 new security patches, plus additional third party patches noted below, for Oracle MySQL. 9 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials...

9.8CVSS7AI score0.78483EPSS
Exploits7References1
FreeBSD
FreeBSD
•added 2023/03/23 12:0 a.m.•64 views

ghostscript -- exploitable buffer overflow in (T)BCP in PS interpreter

[email protected] reports: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less...

9.8CVSS9.3AI score0.06341EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2021/11/28 12:0 a.m.•64 views

node_exporter -- bypass security with cache poisoning

Prometheus team reports: Prometheus and its exporters can be secured by a web.yml file that specifies usernames and hashed passwords for basic authentication. Passwords are hashed with bcrypt, which means that even if you have access to the hash, it is very hard to find the original password back...

8.8CVSS8.5AI score0.01166EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2021/06/03 12:0 a.m.•64 views

polkit -- local privilege escalation using polkit_system_bus_name_get_creds_sync

Cedric Buissart reports: The function polkitsystembusnamegetcredssync is used to get the uid and pid of the process requesting the action. It does this by sending the unique bus name of the requesting process, which is typically something like ":1.96", to dbus-daemon. These unique names are...

7.8CVSS0.7AI score0.22193EPSS
Exploits37References3
FreeBSD
FreeBSD
•added 2020/05/12 12:0 a.m.•64 views

Apache Tomcat Remote Code Execution via session persistence

The Apache Software Foundation reports: Under certain circumstances an attacker will be able to trigger remote code execution via deserialization of the file under their control...

7CVSS7AI score0.56636EPSS
Exploits15References4
FreeBSD
FreeBSD
•added 2020/04/28 12:0 a.m.•64 views

CUPS -- memory corruption

Apple reports: CVE-2019-8842: The ippReadIO function may under-read an extension. CVE-2020-3898: The ppdOpen function did not handle invalid UI constraint. ppdcSource::getresolution function did not handle invalid resolution strings. An application may be able to gain elevated privileges...

7.8CVSS2AI score0.02006EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/10/24 12:0 a.m.•64 views

php -- env_path_info underflow in fpm_main.c can lead to RCE

The PHP project reports: The PHP development team announces the immediate availability of PHP 7.3.11. This is a security release which also contains several bug fixes. The PHP development team announces the immediate availability of PHP 7.2.24. This is a security release which also contains sever...

9.8CVSS2.2AI score0.9947EPSS
Exploits55References3
FreeBSD
FreeBSD
•added 2019/08/16 12:0 a.m.•64 views

Node.js -- multiple vulnerabilities

Node.js reports: Node.js, as well as many other implementations of HTTP/2, have been found vulnerable to Denial of Service attacks. See https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md for more information. Updates are now available for all active Node....

7.8CVSS1.6AI score0.87806EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/08/08 12:0 a.m.•64 views

PostgresSQL -- TYPE in pg_temp execute arbitrary SQL during `SECURITY DEFINER` execution

The PostgreSQL project reports: Versions Affected: 9.4 - 11 Given a suitable SECURITY DEFINER function, an attacker can execute arbitrary SQL under the identity of the function owner. An attack requires EXECUTE permission on the function, which must itself contain a function call having inexact...

6CVSS1.8AI score0.03184EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/04/10 12:0 a.m.•64 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description Medium SECURITY-1289 Jenkins accepted cached legacy CLI authentication Medium SECURITY-1327 XSS vulnerability in form validation button...

1.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/06/13 12:0 a.m.•64 views

libgcrypt -- side-channel attack vulnerability

GnuPG reports: Mitigate a local side-channel attack on ECDSA signature as described in the white paper "Return on the Hidden Number Problem"...

4.7CVSS1.1AI score0.00887EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2018/02/23 12:0 a.m.•64 views

tomcat -- Security constraints ignored or applied too late

The Apache Software Foundation reports: Security constraints defined by annotations of Servlets were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order...

7.1AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2017/05/10 12:0 a.m.•64 views

OpenVPN -- two remote denial-of-service vulnerabilities

Samuli Seppänen reports: OpenVPN v2.4.0 was audited for security vulnerabilities independently by Quarkslabs funded by OSTIF and Cryptography Engineering funded by Private Internet Access between December 2016 and April 2017. The primary findings were two remote denial-of-service vulnerabilities...

7.5CVSS2.2AI score0.13892EPSS
Exploits2References4
FreeBSD
FreeBSD
•added 2015/07/02 12:0 a.m.•64 views

haproxy -- information leak vulnerability

HAProxy reports: A vulnerability was found when HTTP pipelining is used. In some cases, a client might be able to cause a buffer alignment issue and retrieve uninitialized memory contents that exhibit data from a past request or session. I want to address sincere congratulations to Charlie...

5CVSS6.5AI score0.04274EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2014/10/02 12:0 a.m.•64 views

rt42 -- vulnerabilities related to shellshock

Best Practical reports: RT 4.2.0 and above may be vulnerable to arbitrary execution of code by way of CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, or CVE-2014-6271 -- collectively known as "Shellshock." This vulnerability requires a privileged user with access to an RT instance...

8AI score
Exploits148References1
FreeBSD
FreeBSD
•added 2014/09/16 12:0 a.m.•64 views

FreeBSD -- Denial of Service in TCP packet processing

Problem Description: When a segment with the SYN flag for an already existing connection arrives, the TCP stack tears down the connection, bypassing a check that the sequence number in the segment is in the expected window. Impact: An attacker who has the ability to spoof IP traffic can tear down...

5CVSS9AI score0.80855EPSS
Exploits3
FreeBSD
FreeBSD
•added 2013/11/19 12:0 a.m.•64 views

nginx -- Request line parsing vulnerability

The nginx project reports: Ivan Fratric of the Google Security Team discovered a bug in nginx, which might allow an attacker to bypass security restrictions in certain configurations by using a specially crafted request, or might have potential other impact CVE-2013-4547...

7.5CVSS9.1AI score0.67718EPSS
Exploits15References1
FreeBSD
FreeBSD
•added 2013/02/27 12:0 a.m.•64 views

sudo -- Authentication bypass when clock is reset

Todd Miller reports: The flaw may allow someone with physical access to a machine that is not password-protected to run sudo commands without knowing the logged in user's password. On systems where sudo is the principal way of running commands as root, such as on Ubuntu and Mac OS X, there is a...

6.9CVSS7.8AI score0.03176EPSS
Exploits8References1
FreeBSD
FreeBSD
•added 2012/05/08 12:0 a.m.•64 views

php -- multiple vulnerabilities

The PHP Development Team reports: The release of PHP 5.4.13 and 5.4.3 complete a fix for the vulnerability in CGI-based setups as originally described in CVE-2012-1823. CVE-2012-2311 Note: modphp and php-fpm are not vulnerable to this attack. PHP 5.4.3 fixes a buffer overflow vulnerability in the...

9.8CVSS9.8AI score0.99998EPSS
Exploits48
FreeBSD
FreeBSD
•added 2010/12/10 12:0 a.m.•64 views

php -- NULL byte poisoning

PHP-specific version of NULL-byte poisoning was briefly described by ShAnKaR: Poison NULL byte vulnerability for perl CGI applications was described in 1. ShAnKaR noted, that same vulnerability also affects different PHP applications. PHP developers report that branch 5.3 received a fix: Paths wi...

5CVSS7.3AI score0.05363EPSS
Exploits2References2
FreeBSD
FreeBSD
•added 2010/06/22 12:0 a.m.•64 views

mozilla -- multiple vulnerabilities

Mozilla Project reports: MFSA 2010-33 User tracking across sites using Math.random MFSA 2010-32 Content-Disposition: attachment ignored if Content-Type: multipart also present MFSA 2010-31 focus behavior can be used to inject or steal keystrokes MFSA 2010-30 Integer Overflow in XSLT Node Sorting...

10CVSS10.1AI score0.11418EPSS
Exploits8References9
FreeBSD
FreeBSD
•added 1995/06/01 12:0 a.m.•64 views

TCP denial-of-service attacks against long lived connections

NISCC / UNIRAS has published an advisory that re-visits the long discussed spoofed TCP RST denial-of-service vulnerability. This new look emphasizes the fact that for some applications such attacks are practically feasible...

5CVSS2.7AI score0.80855EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2021/10/18 12:0 a.m.•63 views

mailman -- brute-force vuln on list admin password, and CSRF vuln in releases before 2.1.35

Mark Sapiro reports: A potential for for a list member to carry out an off-line brute force attack to obtain the list admin password has been reported by Andre Protas, Richard Cloke and Andy Nuttall of Apple. This is fixed. A CSRF attack via the user options page could allow takeover of a users...

4AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2021/04/07 12:0 a.m.•63 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description Low SECURITY-1721 / CVE-2021-21639 Lack of type validation in agent related REST API Medium SECURITY-1871 / CVE-2021-21640 View name validation bypass...

4.3CVSS2.5AI score0.02725EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/03/31 12:0 a.m.•63 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update contains 8 security fixes, including: 1181228 High CVE-2021-21194: Use after free in screen capture. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-02-23 1182647 High CVE-2021-21195: Use after free in V8. Reported by Bohan Liu @P4nda20371774 and...

8.8CVSS0.4AI score0.01793EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/09/02 12:0 a.m.•63 views

Gitlab -- multiple vulnerabilities

Gitlab reports: Vendor Cross-Account Assume-Role Attack Stored XSS on the Vulnerability Page Outdated Job Token Can Be Reused to Access Unauthorized Resources File Disclosure Via Workhorse File Upload Bypass Unauthorized Maintainer Can Edit Group Badge Denial of Service Within Wiki Functionality...

10CVSS1.5AI score0.99019EPSS
Exploits7References1
FreeBSD
FreeBSD
•added 2020/03/30 12:0 a.m.•63 views

glpi -- Remote Code Execution (RCE) via the backup functionality

MITRE Corporation reports: In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only...

9CVSS3.9AI score0.10949EPSS
Exploits7References2
FreeBSD
FreeBSD
•added 2019/08/13 12:0 a.m.•63 views

h2o -- multiple HTTP/2 vulnerabilities

Jonathon Loomey of Netflix reports: HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion Recently, a series of DoS attack vulnerabilities have been reported on a broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is exposed to the following: CVE-2019-95...

7.8CVSS1.7AI score0.87806EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2019/01/29 12:0 a.m.•63 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2018-18500: Use-after-free parsing HTML5 stream CVE-2018-18503: Memory corruption with Audio Buffer CVE-2018-18504: Memory corruption and out-of-bounds read of texture client buffer CVE-2018-18505: Privilege escalation through IPC channel messages CVE-2018-18506:...

10CVSS2.2AI score0.12658EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2016/06/23 12:0 a.m.•63 views

php -- multiple vulnerabilities

The PHP Group reports: Please reference CVE/URL list for details...

9.8CVSS8.1AI score0.15484EPSS
Exploits11References3
FreeBSD
FreeBSD
•added 2015/12/14 12:0 a.m.•63 views

joomla -- multiple vulnerabilities

The JSST and the Joomla! Security Center report: 20151201 - Core - Remote Code Execution Vulnerability Browser information is not filtered properly while saving the session values into the database which leads to a Remote Code Execution vulnerability. 20151202 - Core - CSRF Hardening Add addition...

7.5CVSS8.2AI score0.98283EPSS
Exploits16References5
FreeBSD
FreeBSD
•added 2015/02/11 12:0 a.m.•64 views

elasticsearch -- remote OS command execution via Groovy scripting engine

Elastic reports: Vulnerability Summary: Elasticsearch versions 1.3.0-1.3.7 and 1.4.0-1.4.2 have vulnerabilities in the Groovy scripting engine that were introduced in 1.3.0. The vulnerability allows an attacker to construct Groovy scripts that escape the sandbox and execute shell commands as the...

9.8CVSS9.4AI score0.99906EPSS
Exploits19References5
FreeBSD
FreeBSD
•added 2015/01/08 12:0 a.m.•63 views

OpenSSL -- multiple vulnerabilities

OpenSSL project reports: DTLS segmentation fault in dtls1getrecord CVE-2014-3571 DTLS memory leak in dtls1bufferrecord CVE-2015-0206 no-ssl3 configuration sets method to NULL CVE-2014-3569 ECDHE silently downgrades to ECDH Client CVE-2014-3572 RSA silently downgrades to EXPORTRSA Client...

5CVSS6.7AI score0.98685EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2014/09/23 12:0 a.m.•63 views

Joomla! -- Core - Unauthorized Login vulnerability

The JSST and the Joomla! Security Center report: 20140902 - Core - Unauthorized Logins Inadequate checking allowed unauthorized logins via LDAP authentication...

7.5CVSS6.5AI score0.01716EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2012/08/27 12:0 a.m.•63 views

Java 1.7 -- security manager bypass

US-CERT reports: Oracle Java Runtime Environment JRE 1.7 contains a vulnerability that may allow an applet to call setSecurityManager in a way that allows setting of arbitrary permissions. By leveraging the public, privileged getField function, an untrusted Java applet can escalate its privileges...

10CVSS6.6AI score0.98536EPSS
Exploits10References3
FreeBSD
FreeBSD
•added 2012/03/28 12:0 a.m.•63 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 109574 Medium CVE-2011-3058: Bad interaction possibly leading to XSS in EUC-JP. Credit to Masato Kinugawa. 112317 Medium CVE-2011-3059: Out-of-bounds read in SVG text handling. Credit to Arthur Gerkis. 114056 Medium CVE-2011-3060: Out-of-bounds read in text fragmen...

7.5CVSS0.4AI score0.02187EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2011/10/05 12:0 a.m.•63 views

apache -- multiple vulnerabilities

CVE MITRE reports: An exposure was found when using modproxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from...

2.6CVSS9AI score0.30809EPSS
Exploits0
FreeBSD
FreeBSD
•added 2004/01/27 12:0 a.m.•63 views

gallery -- remote code injection via HTTP_POST_VARS

A web server running Gallery can be exploited for arbitrary PHP code execution through the use of a maliciously crafted URL...

5CVSS7.2AI score0.07353EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/06/27 12:0 a.m.•62 views

cURL -- Multiple vulnerabilities

The cURL project reports: CVE-2022-32205: Set-Cookie denial of service CVE-2022-32206: HTTP compression denial of service CVE-2022-32207: Unpreserved file permissions CVE-2022-32208: FTP-KRB bad message verification...

9.8CVSS1.1AI score0.3197EPSS
Exploits4References1
FreeBSD
FreeBSD
•added 2021/05/02 12:0 a.m.•62 views

RDoc -- command injection vulnerability

Alexandr Savca reports: RDoc used to call Kernelopen to open a local file. If a Ruby project has a file whose name starts with | and ends with tags, the command following the pipe character is executed. A malicious Ruby project could exploit it to run an arbitrary command execution against a user...

7CVSS2.2AI score0.0148EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/05/12 12:0 a.m.•62 views

typo3 -- multiple vulnerabilities

Typo3 News: CVE-2020-11063: TYPO3-CORE-SA-2020-001: Information Disclosure in Password Reset It has been discovered that time-based attacks can be used with the password reset functionality for backend users. This allows an attacker to verify whether a backend user account with a given email...

10CVSS6.5AI score0.0199EPSS
Exploits0References9
FreeBSD
FreeBSD
•added 2019/09/29 12:0 a.m.•62 views

samba -- multiple vulnerabilities

The samba project reports: Malicious servers can cause Samba client code to return filenames containing path separators to calling code. When the password contains multi-byte non-ASCII characters, the check password script does not receive the full password string. Users with the "get changes"...

6.5CVSS1.6AI score0.03515EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2018/06/12 12:0 a.m.•62 views

OpenSSL -- Client DoS due to large DH parameter

The OpenSSL project reports: During key agreement in a TLS handshake using a DHE based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until...

7.5CVSS0.9AI score0.49268EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/05/09 12:0 a.m.•62 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2018-5183: Backport critical security fixes in Skia CVE-2018-5154: Use-after-free with SVG animations and clip paths CVE-2018-5155: Use-after-free with SVG animations and text paths CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files...

10CVSS9AI score0.21288EPSS
Exploits6References2
FreeBSD
FreeBSD
•added 2011/08/18 12:0 a.m.•62 views

php -- multiple vulnerabilities

PHP development team reports: Security Enhancements and Fixes in PHP 5.3.7: Updated cryptblowfish to 1.2. CVE-2011-2483 Fixed crash in errorlog. Reported by Mateusz Kocielski Fixed buffer overflow on overlog salt in crypt. Fixed bug 54939 File path injection vulnerability in RFC1867 File upload...

7.5CVSS7.7AI score0.22724EPSS
Exploits15
FreeBSD
FreeBSD
•added 2010/02/09 12:0 a.m.•62 views

OpenSSL -- Remote Data Injection / DoS

Applications that use SSLMODERELEASEBUFFERS, such as nginx, are prone to a race condition which may allow a remote attacker to inject random data into other connections...

4CVSS7.9AI score0.34132EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2023/03/28 12:0 a.m.•61 views

OpenSSL -- Multiple vulnerabilities

The OpenSSL project reports: Severity: low Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. The function X509VERIFYPARAMadd0policy is documented to implicitly enable the certificate policy check...

5.3CVSS5.8AI score0.01583EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/06/01 12:0 a.m.•61 views

go -- multiple vulnerabilities

The Go project reports: crypto/rand: rand.Read hangs with extremely large buffers On Windows, rand.Read will hang indefinitely if passed a buffer larger than 1 32 - 1 bytes. crypto/tls: session tickets lack random ticketageadd Session tickets generated by crypto/tls did not contain a randomly...

7.5CVSS7AI score0.01647EPSS
Exploits2References5
Total number of security vulnerabilities5000