Lucene search
K
FreebsdMost viewed

6583 matches found

FreeBSD
FreeBSD
•added 2005/03/01 12:0 a.m.•24 views

xv -- filename handling format string vulnerability

A Gentoo Linux Security Advisory reports: Tavis Ormandy of the Gentoo Linux Security Audit Team identified a flaw in the handling of image filenames by xv. Successful exploitation would require a victim to process a specially crafted image with a malformed filename, potentially resulting in the...

5.1CVSS6.6AI score0.01926EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/01/20 12:0 a.m.•24 views

yamt -- buffer overflow and directory traversal issues

Stanislav Brabec discovered errors in yamt's path name handling that lead to buffer overflows and directory traversal issues. When processing a file with a maliciously crafted ID3 tag, yamt might overwrite arbitrary files or possibly execute arbitrary code. The SuSE package ChangeLog contains:...

7.5CVSS7.1AI score0.02081EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2004/12/21 12:0 a.m.•24 views

curl -- authentication buffer overflow vulnerability

Two iDEFENSE Security Advisories reports: An exploitable stack-based buffer overflow condition exists when using NT Lan Manager NTLM authentication. The problem specifically exists within Curlinputntlm defined in lib/httpntlm.c. Successful exploitation allows remote attackers to execute arbitrary...

8.8CVSS7.6AI score0.05732EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2004/12/15 12:0 a.m.•24 views

unrtf -- buffer overflow vulnerability

Yosef Klein and Limin Wang have found a buffer overflow vulnerability in unrtf that can allow an attacker to execute arbitrary code with the permissions of the user running unrtf, by running unrtf on a specially crafted rtf document...

10CVSS5.2AI score0.05954EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2004/12/01 12:0 a.m.•24 views

bugzilla -- cross-site scripting vulnerability

A Bugzilla advisory states: This advisory covers a single cross-site scripting issue that has recently been discovered and fixed in the Bugzilla code: If a malicious user links to a Bugzilla site using a specially crafted URL, a script in the error page generated by Bugzilla will display the URL...

4.3CVSS3.2AI score0.01034EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2004/10/12 12:0 a.m.•24 views

ecartis -- unauthorised access to admin interface

A Debian security advisory reports: A problem has been discovered in ecartis, a mailing-list manager, which allows an attacker in the same domain as the list admin to gain administrator privileges and alter list settings...

4.6CVSS6.6AI score0.00365EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2004/10/09 12:0 a.m.•24 views

bogofilter -- RFC 2047 decoder denial-of-service vulnerability

The bogofilter team has been provided with a test case of a malformatted non-conformant RFC-2047 encoded word that can cause bogofilter versions 0.92.7 and prior to try to write a NUL byte into a memory location that is either one byte past the end of a flex buffer or to a location that is the...

5CVSS6.5AI score0.01926EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2004/09/29 12:0 a.m.•24 views

squid -- SNMP module denial-of-service vulnerability

The Squid-2.5 patches page notes: If a certain malformed SNMP request is received squid restarts with a Segmentation Fault error. This only affects squid installations where SNMP is explicitly enabled via "make config". As a workaround, SNMP can be disabled by defining "snmpport 0" in squid.conf...

5CVSS6.4AI score0.1603EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2004/08/04 12:0 a.m.•24 views

gnomevfs -- unsafe URI handling

Alexander Larsson reports that some versions of gnome-vfs and MidnightCommander contain a number of extfs' scripts that do not properly validate user input. If an attacker can cause her victim to process a specially-crafted URI, arbitrary commands can be executed with the privileges of the victim...

7.5CVSS6.5AI score0.01625EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2004/07/06 12:0 a.m.•24 views

cyrus-sasl -- potential buffer overflow in DIGEST-MD5 plugin

The Cyrus SASL DIGEST-MD5 plugin contains a potential buffer overflow when quoting is required in the output...

3.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2004/04/15 12:0 a.m.•24 views

ident2 double byte buffer overflow

Jack of RaptureSecurity reported a double byte buffer overflow in ident2. The bug may allow a remote attacker to execute arbitrary code within the context of the ident2 daemon. The daemon typically runs as user-ID nobody', but with group-ID wheel'...

7.5CVSS7.5AI score0.03257EPSS
Exploits0
FreeBSD
FreeBSD
•added 2004/01/30 12:0 a.m.•24 views

mksnap_ffs clears file system options

The kernel interface for creating a snapshot of a filesystem is the same as that for changing the flags on that filesystem. Due to an oversight, the mksnapffs8 command called that interface with only the snapshot flag set, causing all other flags to be reset to the default value. A regularly...

4.6CVSS6.2AI score0.0033EPSS
Exploits0
FreeBSD
FreeBSD
•added 2026/06/08 12:0 a.m.•23 views

Apache httpd -- Multiple vulnerabilities

The Apache httpd project reports: See links for details...

9.8CVSS5.4AI score0.00805EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2025/04/01 12:0 a.m.•23 views

MongoDB -- crash due to improper validation of explain command

[email protected] reports: When run on commands with certain arguments set, explain may fail to validate these arguments before using them. This can lead to crashes in router servers. This affects MongoDB Server v5.0 prior to 5.0.31, MongoDB Server v6.0 prior to 6.0.20, MongoDB Server v7.0 prior to...

6.5CVSS6.8AI score0.00387EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2025/03/10 12:0 a.m.•23 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 5 security fixes: 398065918 High CVE-2025-1920: Type Confusion in V8. Reported by Excello s.r.o. on 2025-02-21 400052777 High CVE-2025-2135: Type Confusion in V8. Reported by Zhenghang Xiao @Kipreyyy on 2025-03-02 401059730 High CVE-TBD: Out of bounds...

8.8CVSS7.7AI score0.06387EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2024/11/22 12:0 a.m.•23 views

keycloak -- Multiple security fixes

Keycloak reports: This update includes 5 security fixes: CVE-2024-10451: Sensitive Data Exposure in Keycloak Build Process CVE-2024-10270: Potential Denial of Service CVE-2024-10492: Keycloak path trasversal CVE-2024-9666: Keycloak proxy header handling Denial-of-Service DoS vulnerability...

6.5CVSS7AI score0.01264EPSS
Exploits0
FreeBSD
FreeBSD
•added 2024/09/06 12:0 a.m.•23 views

firefox -- Potential memory corruption and exploitable crash

[email protected] reports: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash...

7.5CVSS7AI score0.00656EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2024/09/04 12:0 a.m.•23 views

FreeBSD -- Multiple vulnerabilities in libnv

Problem Description: CVE-2024-45287 is a vulnerability that affects both the kernel and userland. A malicious value of size in a structure of packed libnv can cause an integer overflow, leading to the allocation of a smaller buffer than required for the parsed data. CVE-2024-45288 is a...

9.1CVSS7.2AI score0.00511EPSS
Exploits0
FreeBSD
FreeBSD
•added 2024/09/03 12:0 a.m.•23 views

firefox -- multiple vulnerabilities

[email protected] reports: This entry contains 8 vulnerabilities: CVE-2024-8381: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment. CVE-2024-8382: Internal browser event interfaces were exposed to web...

9.8CVSS7.6AI score0.04395EPSS
Exploits1References8
FreeBSD
FreeBSD
•added 2024/07/30 12:0 a.m.•23 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 3 security fixes: 353034820 Critical CVE-2024-6990: Uninitialized Use in Dawn. Reported by gelatin dessert on 2024-07-15 352872238 High CVE-2024-7255: Out of bounds read in WebTransport. Reported by Marten Richter on 2024-07-13 354748060 High...

8.8CVSS7.2AI score0.00865EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2024/07/11 12:0 a.m.•23 views

electron29 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-6291. Security: backported fix for CVE-2024-6293. Security: backported fix for CVE-2024-6290. Security: backported fix for CVE-2024-6292...

8.8CVSS8.8AI score0.00546EPSS
Exploits4References4
FreeBSD
FreeBSD
•added 2024/07/01 12:0 a.m.•23 views

Django -- multiple vulnerabilities

Django reports: CVE-2024-38875: Potential denial-of-service in django.utils.html.urlize. CVE-2024-39329: Username enumeration through timing difference for users with unusable passwords. CVE-2024-39330: Potential directory-traversal in django.core.files.storage.Storage.save. CVE-2024-39614:...

7.5CVSS6.9AI score0.28637EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2024/04/02 12:0 a.m.•23 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 3 security fixes: 329130358 High CVE-2024-3156: Inappropriate implementation in V8. Reported by Zhenghang Xiao @Kipreyyy on 2024-03-12 329965696 High CVE-2024-3158: Use after free in Bookmarks. Reported by undoingfish on 2024-03-17 330760873 High...

8.8CVSS7.3AI score0.01599EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2024/03/07 12:0 a.m.•23 views

Unbound -- Denial-of-Service vulnerability

NLNet Labs reports: Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's advertised buffer size. Before removing all the EDE records however, it would try to see if trimming the extra text fields on those records would result in an...

7.5CVSS6.9AI score0.02516EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2024/02/01 12:0 a.m.•23 views

GLPI -- multiple vulnerabilities

GLPI team reports: GLPI 10.0.12 Changelog SECURITY - moderate Reflected XSS in reports pages CVE-2024-23645 SECURITY - moderate LDAP Injection during authentication CVE-2023-51446...

8.1CVSS7AI score0.00886EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/18 12:0 a.m.•23 views

Request Tracker -- multiple vulnerabilities

Request Tracker reports: CVE-2023-41259 SECURITY: RT is vulnerable to unvalidated email headers in incoming email and the mail-gateway REST interface. CVE-2023-41260 SECURITY: RT is vulnerable to information leakage via response messages returned from requests sent via the mail-gateway REST...

7.5CVSS6.7AI score0.00717EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/27 12:0 a.m.•23 views

File deletion through document upload process in GLPI

[email protected] reports: GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The document upload process can be diverted to delete some files...

9.1CVSS7.3AI score0.01043EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/07/05 12:0 a.m.•23 views

GLPI vulnerable to reflected XSS in search pages

[email protected] reports: GLPI is a free asset and IT management software package. Starting in version 9.4.0 and prior to version 10.0.8, a malicious link can be crafted by an unauthenticated user that can exploit a reflected XSS in case any authenticated user opens the crafted link...

6.5CVSS7.2AI score0.00511EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/06/21 12:0 a.m.•23 views

FreeBSD -- Network authentication attack via pam_krb5

Problem Description: pamkrb5 authenticates the user by essentially running kinit1 with the password, getting a ticket-granting ticket' tgt from the Kerberos KDC Key Distribution Center over the network, as a way to verify the password. Normally, the system running the pamkrb5 module will also hav...

9.8CVSS7.3AI score0.01098EPSS
Exploits0
FreeBSD
FreeBSD
•added 2023/06/15 12:0 a.m.•23 views

libX11 -- Sub-object overflows

The X.Org project reports: Buffer overflows in InitExt.c in libX11 prior to 1.8.6 CVE-2023-3138 The functions in src/InitExt.c in libX11 prior to 1.8.6 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, usi...

7.5CVSS7AI score0.01656EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/06/14 12:0 a.m.•23 views

jenkins -- CSRF protection bypass vulnerability

Jenkins Security Advisory: Description High SECURITY-3135 / CVE-2023-35141 CSRF protection bypass vulnerability...

8CVSS7.1AI score0.0086EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/01/31 12:0 a.m.•23 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Denial of Service via arbitrarily large Issue descriptions CSRF via file upload allows an attacker to take over a repository Sidekiq background job DoS by uploading malicious CI job artifact zips Sidekiq background job DoS by uploading a malicious Helm package...

6.5CVSS7.1AI score0.01247EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/01/25 12:0 a.m.•23 views

Grafana -- Stored XSS in geomap panel plugin via attribution

Grafana Labs reports: During an internal audit of Grafana on January 25, a member of the security team found a stored XSS vulnerability affecting the core geomap plugin. The stored XSS vulnerability was possible because map attributions weren’t properly sanitized, allowing arbitrary JavaScript to...

7.3CVSS5.4AI score0.1546EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/08/15 12:0 a.m.•23 views

dendrite -- Incorrect parsing of the event default power level in event auth

Dendrite team reports: The power level parsing within gomatrixserverlib was failing to parse the "eventsdefault" key of the m.room.powerlevels event, defaulting the event default power level to zero in all cases. In rooms where the "eventsdefault" power level had been changed, this could result i...

8.8CVSS3.2AI score0.0065EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/08/09 12:0 a.m.•23 views

FreeBSD -- Memory disclosure by stale virtual memory mapping

Problem Description: A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause. Impact: An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read...

4CVSS2.8AI score0.00174EPSS
Exploits0
FreeBSD
FreeBSD
•added 2022/04/28 12:0 a.m.•23 views

py-httpx -- input validation vulnerability

lebr0nli reports: Encode OSS httpx =1.0.0.beta0 is affected by improper input validation in httpx.URL, httpx.Client and some functions using httpx.URL.copywith...

9.1CVSS7.3AI score0.02026EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2021/04/06 12:0 a.m.•23 views

syncthing -- crash due to malformed relay protocol message

syncthing developers report: syncthing can be caused to crash and exit if sent a malformed relay protocol message message with a negative length field. The relay server strelaysrv can be caused to crash and exit if sent a malformed relay protocol message with a negative length field...

7.5CVSS3AI score0.0197EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/02/11 12:0 a.m.•23 views

asterisk -- An unsuspecting user could crash Asterisk with multiple hold/unhold requests

The Asterisk project reports: Due to a signedness comparison mismatch, an authenticated WebRTC client could cause a stack overflow and Asterisk crash by sending multiple hold/unhold requests in quick succession...

9.8CVSS2AI score0.02516EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/11/02 12:0 a.m.•23 views

darkhttpd -- DOS vulnerability

Mitre reports: flaw was found in darkhttpd. Invalid error handling allows remote attackers to cause denial-of-service by accessing a file with a large modification date. The highest threat from this vulnerability is to system availability...

7.5CVSS3.8AI score0.01265EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/08/31 12:0 a.m.•23 views

py-Flask-Cors -- directory traversal vulnerability

praetorian-colby-morgan reports: An issue was discovered in Flask-CORS aka CORS Middleware for Flask before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format...

7.5CVSS7AI score0.04017EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2020/06/25 12:0 a.m.•23 views

glpi -- SQL injection for all usages of "Clone" feature

MITRE Corporation reports: In glpi before 9.5.1, there is a SQL injection for all usages of "Clone" feature. This has been fixed in 9.5.1...

7.1CVSS1.7AI score0.01233EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2020/05/24 12:0 a.m.•23 views

sympa - Security flaws in setuid wrappers

A vulnerability has been discovered in Sympa web interface by which attacker can execute arbitrary code with root privileges. Sympa uses two sorts of setuid wrappers: FastCGI wrappers newaliases wrapper The FastCGI wrappers wwsympa-wrapper.fcgi and sympasoapserver-wrapper.fcgi were used to make t...

4.6AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2020/03/30 12:0 a.m.•23 views

glpi -- Reflexive XSS in Dropdown menus

MITRE Corporation reports: In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version 9.4.6...

6CVSS4AI score0.00543EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2020/02/24 12:0 a.m.•23 views

sympa -- Denial of service caused by malformed CSRF token

Javier Moreno discovered a vulnerability in Sympa web interface that can cause denial of service DoS attack. By submitting requests with malformed parameters, this flaw allows to create junk files in Sympa's directory for temporary files. And particularly by tampering token to prevent CSRF, it...

7.5CVSS5.4AI score0.02843EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2020/01/15 12:0 a.m.•23 views

x11/cde -- Local privilege escalation via CDE dtsession

Marco Ivaldi marco.ivaldi mediaservice net reports: A buffer overflow in the CheckMonitor function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 Update 11 and earlier, allows local users to gain root privileges via a long palet...

8.8CVSS5.8AI score0.00643EPSS
Exploits7References1
FreeBSD
FreeBSD
•added 2019/09/06 12:0 a.m.•23 views

Mbed TLS -- Side channel attack on deterministic ECDSA

Janos Follath reports: Mbed TLS does not have a constant-time/constant-trace arithmetic library and uses blinding to protect against side channel attacks. In the ECDSA signature routine previous Mbed TLS versions used the same RNG object for generating the ephemeral key pair and for generating th...

1.7AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/06 12:0 a.m.•23 views

FreeBSD -- Insufficient message length validation in bsnmp library

Problem Description: A function extracting the length from type-length-value encoding is not properly validating the submitted length. Impact: A remote user could cause, for example, an out-of-bounds read, decoding of unrelated data, or trigger a crash of the software such as bsnmpd resulting in ...

7.5CVSS2.2AI score0.03806EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/07/24 12:0 a.m.•23 views

FreeBSD -- Kernel memory disclosure in freebsd32_ioctl

Problem Description: Due to insufficient initialization of memory copied to userland in the components listed above small amounts of kernel memory may be disclosed to userland processes. Impact: A user who can invoke 32-bit FreeBSD ioctls may be able to read the contents of small portions of kern...

6.8CVSS0.6AI score0.02327EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/07/19 12:0 a.m.•23 views

pango -- buffer overflow

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when...

9.8CVSS4.3AI score0.06274EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2019/05/20 12:0 a.m.•23 views

vlc -- Double free in Matroska demuxer

The VLC project reports: mkv: Fix potential double free...

9.8CVSS2.7AI score0.02392EPSS
Exploits0References2
Total number of security vulnerabilities5000