Lucene search
K
FreebsdMost viewed

6583 matches found

FreeBSD
FreeBSD
added 2010/01/06 12:0 a.m.21 views

FreeBSD -- ZFS ZIL playback with insecure permissions

Problem Description: When replaying setattr transaction, the replay code would set the attributes with certain insecure defaults, when the logged transaction did not touch these attributes...

1.7AI score
Exploits0
FreeBSD
FreeBSD
added 2010/01/06 12:0 a.m.21 views

powerdns-recursor -- multiple vulnerabilities

PowerDNS Security Advisory reports: PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited. PowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data...

6.5AI score
Exploits0
FreeBSD
FreeBSD
added 2009/12/03 12:0 a.m.21 views

FreeBSD -- SSL protocol flaw

Problem Description: The SSL version 3 and TLS protocols support session renegotiation without cryptographically tying the new session parameters to the old parameters...

2.7AI score
Exploits0
FreeBSD
FreeBSD
added 2009/10/30 12:0 a.m.21 views

KDE -- multiple vulnerabilities

oCERT reports: Ark input sanitization errors: The KDE archiving tool, Ark, performs insufficient validation which leads to specially crafted archive files, using unknown MIME types, to be rendered using a KHTML instance, this can trigger uncontrolled XMLHTTPRequests to remote sites. IO Slaves inp...

0.3AI score
Exploits0References1
FreeBSD
FreeBSD
added 2009/09/01 12:0 a.m.21 views

opera -- multiple vulnerabilities

Opera Team Reports: Issue where sites using revoked intermediate certificates might be shown as secure Issue where the collapsed address bar didn't show the current domain Issue where pages could trick users into uploading files Some IDNA characters not correctly displaying in the address bar Iss...

2.4AI score
Exploits0References5
FreeBSD
FreeBSD
added 2009/05/22 12:0 a.m.21 views

tiff -- Multiple integer overflows

Tielei Wang: Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large 1 width and 2 height values, which triggers a heap-based buffer overflow in the a...

9.3CVSS7.8AI score0.04152EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2008/12/08 12:0 a.m.21 views

phppgadmin -- directory traversal with register_globals enabled

Secunia reports: Dun has discovered a vulnerability in phpPgAdmin, which can be exploited by malicious people to disclose sensitive information. Input passed via the "language" parameter to libraries/lib.inc.php is not properly sanitised before being used to include files. This can be exploited t...

4.3CVSS6.2AI score0.12865EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2008/11/05 12:0 a.m.21 views

streamripper -- multiple buffer overflows

Secunia reports: A boundary error exists within httpparsescheader in lib/http.c when parsing an overly long HTTP header starting with "Zwitterion v". A boundary error exists within httpgetpls in lib/http.c when parsing a specially crafted pls playlist containing an overly long entry. A boundary...

9.3CVSS6.4AI score0.06477EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2008/10/30 12:0 a.m.21 views

phpmyadmin -- Cross-Site Scripting Vulnerability

SecurityFocus reports: phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This ma...

3.4AI score
Exploits0References1
FreeBSD
FreeBSD
added 2008/04/21 12:0 a.m.21 views

mt-daapd -- integer overflow

FrSIRT reports: A vulnerability has been identified in mt-daapd which could be exploited by remote attackers to cause a denial of service or compromise an affected system. This issue is caused by a buffer overflow error in the wsgetpostvars function when processing a negative Content-Length: head...

7.5CVSS6.9AI score0.03723EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2008/03/30 12:0 a.m.21 views

suphp -- multiple local privilege escalation vulnerabilities

Multiple local privilege escalation are found in the symlink verification code. An attacker may use it to run a PHP script with the victim's privilege. This attack is a little harder when suphp operates in paranoid mode. For suphp that runs in owner mode which is the default in ports, immediate...

4.3CVSS6.5AI score0.00328EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2007/07/24 12:0 a.m.21 views

fsplib -- multiple vulnerabilities

A Secunia Advisory reports: fsplib can be exploited to compromise an application using the library. A boundary error exists in the processing of file names in fspreaddirnative, which can be exploited to cause a stack-based buffer overflow if the defined MAXNAMLEN is bigger than 256. A boundary...

7.5CVSS6.7AI score0.05169EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2007/01/14 12:0 a.m.21 views

lighttpd -- DOS when access files with mtime 0

Lighttpd SA: Lighttpd caches the rendered string for mtime. The cache key has as a default value 0. At that point the pointer to the string are still NULL. If a file with an mtime of 0 is requested it tries to access the pointer and crashes. The bug requires that a malicious user can either uploa...

7.8CVSS6.5AI score0.02716EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2006/10/19 12:0 a.m.21 views

plone -- unprotected MembershipTool methods

The Plone Team reports: Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the: changeMemberPortrait deletePersonalPortrait testCurrentPassword methods, which allows remote attackers to modify portraits...

5CVSS6.5AI score0.03891EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2006/10/10 12:0 a.m.21 views

google-earth -- heap overflow in the KML engine

JAAScois reports: While processing KML/KMZ data Google Earth fails to verify its size prior to copying it into a fixed-sized buffer. This can be exploited as a buffer-overflow vulnerability to cause the application to crash and/or to execute arbitrary code...

2.1AI score
Exploits0References1
FreeBSD
FreeBSD
added 2006/09/29 12:0 a.m.21 views

postnuke -- admin section SQL injection

ISS X-Force reports: PostNuke is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the admin section using the hits parameter, which could allow the attacker to view, add, modify or delete information in the back-end database...

7.5CVSS7.1AI score0.01351EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2006/09/25 12:0 a.m.21 views

eyeOS -- multiple XSS security bugs

eyeOS team reports: EyeOS 0.9.1 release fixes two XSS security bugs, so we recommend all users to upgrade to this new version in order to have the best security. These two bugs were discovered by Jose Carlos Norte, who is a new eyeOS developer...

4.3CVSS6AI score0.01272EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2006/06/10 12:0 a.m.21 views

horde -- multiple parameter cross site scripting vulnerabilities

FrSIRT advisory ADV-2006-2356 reports: Multiple vulnerabilities have been identified in Horde Application Framework, which may be exploited by attackers to execute arbitrary scripting code. These flaws are due to input validation errors in the "test.php" and "templates/problem/problem.inc" script...

6.8CVSS7.2AI score0.02197EPSS
Exploits1References3
FreeBSD
FreeBSD
added 2006/05/30 12:0 a.m.21 views

WebCalendar -- information disclosure vulnerability

Secunia reports: socsam has discovered a vulnerability in WebCalendar, which can be exploited by malicious people to bypass certain security restrictions and disclose sensitive information. Input passed to the "includedir" parameter isn't properly verified, before it is used in an "fopen" call...

6.4CVSS6.4AI score0.02169EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2005/12/21 12:0 a.m.21 views

nbd-server -- buffer overflow vulnerability

Kurt Fitzner reports a buffer overflow vulnerability within nbd. This could potentially allow the execution of arbitrary code on the nbd server...

7.5CVSS7.3AI score0.05988EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/12/21 12:0 a.m.21 views

scponly -- local privilege escalation exploits

Max Vozeler reports: If ALL the following conditions are true, administrators using scponly-4.1 or older may be at risk of a local privilege escalation exploit: the chrooted setuid scponlyc binary is installed regular non-scponly users have interactive shell access to the box a user executable...

2AI score
Exploits0References2
FreeBSD
FreeBSD
added 2005/11/30 12:0 a.m.21 views

ffmpeg -- libavcodec buffer overflow vulnerability

Secunia reports: Simon Kilvington has reported a vulnerability in FFmpeg libavcodec, which can be exploited by malicious people to cause a DoS Denial of Service and potentially to compromise a user's system. The vulnerability is caused due to a boundary error in the "avcodecdefaultgetbuffer"...

4.4AI score
Exploits0References2
FreeBSD
FreeBSD
added 2005/09/07 12:0 a.m.21 views

cvsbug -- race condition

Problem description A temporary file is created, used, deleted, and then re-created with the same name. This creates a window during which an attacker could replace the file with a link to another file. While cvsbug1 is based on the send-pr1 utility, this problem does not exist in the version of...

4.6CVSS6AI score0.00443EPSS
Exploits0
FreeBSD
FreeBSD
added 2005/08/02 12:0 a.m.21 views

squid -- Possible Denial Of Service Vulnerability in store.c

The squid patches page notes: Squid crashes with the above assertion failure assertion failed: store.c:523: "e-storestatus == STOREPENDING" in certain conditions involving aborted requests...

5CVSS5.8AI score0.03146EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2005/07/25 12:0 a.m.21 views

vim -- vulnerabilities in modeline handling: glob, expand

Georgi Guninski discovered a way to construct Vim modelines that execute arbitrary shell commands. The vulnerability can be exploited by including shell commands in modelines that call the glob or expand functions. An attacker could trick an user to read or edit a trojaned file with modelines...

9.3CVSS7AI score0.02726EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2005/04/16 12:0 a.m.21 views

axel -- remote buffer overflow

A Debian Security Advisory reports: Ulf Härnhammar from the Debian Security Audit Project discovered a buffer overflow in axel, a light download accelerator. When reading remote input the program did not check if a part of the input can overflow a buffer and maybe trigger the execution of arbitra...

7.5CVSS7.2AI score0.03442EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2005/01/27 12:0 a.m.21 views

f2c -- insecure temporary files

Javier Fernández-Sanguino Peña reports two temporary file vulnerability within f2c. The vulnerabilities are caused due to weak temporary file handling. An attacker could create an symbolic link, causing a local user running f2c to overwrite the symlinked file. This could give the attacker elevate...

2.1CVSS6.2AI score0.00352EPSS
Exploits0
FreeBSD
FreeBSD
added 2004/12/15 12:0 a.m.21 views

tnftp -- mget does not check for directory escapes

When downloading a batch of files from an FTP server the mget command does not check for directory escapes. A specially crafted file on the FTP server could then potentially overwrite an existing file of the user...

5CVSS1.9AI score0.00999EPSS
Exploits1References4
FreeBSD
FreeBSD
added 2004/12/12 12:0 a.m.21 views

fd_set -- bitmap index overflow in multiple applications

3APA3A reports: If programmer fails to check socket number before using select or fdset macros, it's possible to overwrite memory behind fdset structure. Very few select based application actually check FDSETSIZE value. ... Depending on vulnerable application it's possible to overwrite portions o...

3AI score
Exploits0References3
FreeBSD
FreeBSD
added 2004/11/17 12:0 a.m.21 views

up-imapproxy -- multiple vulnerabilities

Timo Sirainen reports: There are various bugs in up-imapproxy which can crash it. Since up-imapproxy runs in a single process with each connection handled in a separate thread, any crash kills all the connections and stops listening for new ones. In 64bit systems it might be possible to make it...

6.4CVSS6.4AI score0.02068EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/08/23 12:0 a.m.21 views

nss -- exploitable buffer overflow in SSLv2 protocol handler

ISS X-Force reports that a remotely exploitable buffer overflow exists in the Netscape Security Services NSS library's implementation of SSLv2. From their advisory: The NSS library contains a flaw in SSLv2 record parsing that may lead to remote compromise. When parsing the first record in an SSLv...

3.5AI score
Exploits0References3
FreeBSD
FreeBSD
added 2004/08/16 12:0 a.m.21 views

cacti -- SQL injection

Fernando Quintero reports that Cacti 0.8.5a suffers from a SQL injection attack where an attacker can change the password for any Cacti user. This attack is not possible if the PHP option magicquotesgpc is set to On, which is the default for PHP in FreeBSD...

3.2AI score
Exploits0References1
FreeBSD
FreeBSD
added 2000/09/29 12:0 a.m.21 views

pine remotely exploitable buffer overflow in newmail.c

Kris Kennaway reports a remotely exploitable buffer overflow in newmail.c. Mike Silbersack submitted the fix...

4.7AI score
Exploits0References1
FreeBSD
FreeBSD
added 1999/07/21 12:0 a.m.21 views

GNU finger vulnerability

GNU security announcement: GNU Finger unfortunately has not been updated in many years, and has known security vulnerabilities. Please do not use it in production environments...

7.2CVSS6.5AI score0.00464EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2026/05/24 12:0 a.m.20 views

jellyfin -- multiple vulnerabilities

The Jellyfin project reports: Jellyfin Server 10.11.10 fixes three security vulnerabilities: GHSA-f47c-m7gr-q92j: details pending disclosure GHSA-jg92-mrxq-vv75: details pending disclosure GHSA-wwwm-px48-fpvq: details pending disclosure...

5.8AI score
Exploits0References4
FreeBSD
FreeBSD
added 2026/05/22 12:0 a.m.20 views

putty -- multiple security vulnerabilities

Simon Tatham reports: These features are new in PuTTY 0.84: Security issue: fixed a remotely triggerable double-free in RSA key exchange. We don't know of any way it is exploitable to execute code. Minor security issue: fixed a remotely triggerable crash in NIST ECDSA signature verification. An...

5.9AI score
Exploits0References2
FreeBSD
FreeBSD
added 2026/04/06 12:0 a.m.20 views

python -- more webbrowser.open() command injection vulnerabilities

Seth Larson reports: CVE-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open There is a HIGH severity vulnerability affecting CPython. Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypasse...

7.1CVSS5.8AI score0.00308EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2025/07/22 12:0 a.m.20 views

Mozilla -- Incorrect computation of branch address

[email protected] reports: On arm64, a WASM brtable instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address...

9.8CVSS6.6AI score0.00472EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2025/04/29 12:0 a.m.20 views

Mozilla -- javascript content execution

[email protected] reports: A process isolation vulnerability in Thunderbird stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape...

9.1CVSS9.4AI score0.00376EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2025/03/05 12:0 a.m.20 views

Jinja2 -- Sandbox breakout through attr filter selecting format method

[email protected] reports: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the...

8.8CVSS8AI score0.00476EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2025/01/23 12:0 a.m.20 views

electron32 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-12693. Security: backported fix for CVE-2024-12694. Security: backported fix for CVE-2024-12695. Security: backported fix for CVE-2025-0434. Security: backported fix for CVE-2025-043...

8.8CVSS8.9AI score0.05945EPSS
Exploits3References6
FreeBSD
FreeBSD
added 2025/01/14 12:0 a.m.20 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 16 security fixes: 374627491 High CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme on 2024-10-21 379652406 High CVE-2025-0435: Inappropriate implementation in Navigation. Reported by Alesandro Ortiz on 2024-11-18 382786791 High...

8.8CVSS9.3AI score0.05945EPSS
Exploits11References1
FreeBSD
FreeBSD
added 2024/12/03 12:0 a.m.20 views

gstreamer1-plugins-gdkpixbuf -- NULL-pointer dereference

The GStreamer Security Center reports: A NULL-pointer dereference in the gdk-pixbuf decoder that can cause crashes for certain input files...

9.8CVSS7AI score0.00901EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/11/27 12:0 a.m.20 views

Emacs -- Shell injection vulnerability

Problem Description: An Emacs user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to enable...

7.8CVSS8AI score0.00526EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/09/04 12:0 a.m.20 views

FreeBSD -- bhyve(8) privileged guest escape via TPM device passthrough

Problem Description: bhyve can be configured to provide access to the host's TPM device, where it passes the communication through an emulated device provided to the guest. This may be performed on the command-line by starting bhyve with the -l tpm,passthru,/dev/tpmX parameters. The MMIO handler...

8.4CVSS7.5AI score0.00244EPSS
Exploits0
FreeBSD
FreeBSD
added 2024/09/03 12:0 a.m.20 views

forgejo -- multiple vulnerabilities

Problem Description: Replace v-html with v-text in search inputbox Upgrade webpack to v5.94.0 as a precaution to mitigate CVE-2024-43788, although we were not yet able to confirm that this can be exploited in Forgejo...

6.4CVSS6.8AI score0.00904EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2024/08/19 12:0 a.m.20 views

frr - BGP

[email protected] reports: An issue was discovered in FRRouting FRR. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

9.8CVSS6.8AI score0.00641EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/01/16 12:0 a.m.20 views

sqlite -- use-after-free bug in jsonparseaddnodearray

[email protected] reports: A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading t...

5.5CVSS6.8AI score0.00343EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2023/11/10 12:0 a.m.20 views

Grafana -- Email verification is not required after email change

Grafana Labs reports: The vulnerability impacts instances where Grafana basic authentication is enabled. Grafana has a verifyemailenabled configuration option. When this option is enabled, users are required to confirm their email addresses before the sign-up process is complete. However, the ema...

5.4CVSS7.1AI score0.01385EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2023/10/31 12:0 a.m.20 views

phpmyfaq -- multiple vulnerabilities

phpmyfaq developers report: XSS Insufficient session expiration...

9.8CVSS6.9AI score0.01105EPSS
Exploits2References4
Total number of security vulnerabilities5000