Lucene search
K
FreebsdMost viewed

6587 matches found

FreeBSD
FreeBSD
•added 2005/12/21 12:0 a.m.•21 views

scponly -- local privilege escalation exploits

Max Vozeler reports: If ALL the following conditions are true, administrators using scponly-4.1 or older may be at risk of a local privilege escalation exploit: the chrooted setuid scponlyc binary is installed regular non-scponly users have interactive shell access to the box a user executable...

2AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2005/12/21 12:0 a.m.•21 views

nbd-server -- buffer overflow vulnerability

Kurt Fitzner reports a buffer overflow vulnerability within nbd. This could potentially allow the execution of arbitrary code on the nbd server...

7.5CVSS7.3AI score0.05988EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/09/07 12:0 a.m.•21 views

cvsbug -- race condition

Problem description A temporary file is created, used, deleted, and then re-created with the same name. This creates a window during which an attacker could replace the file with a link to another file. While cvsbug1 is based on the send-pr1 utility, this problem does not exist in the version of...

4.6CVSS6AI score0.00443EPSS
Exploits0
FreeBSD
FreeBSD
•added 2005/09/02 12:0 a.m.•21 views

urban -- stack overflow vulnerabilities

Several filename-related stack overflow bugs allow a local attacker to elevate its privileges to the games group, since urban is installed setgid games. Issue discovered and fixed by...

2.1CVSS5.9AI score0.00287EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/07/25 12:0 a.m.•21 views

vim -- vulnerabilities in modeline handling: glob, expand

Georgi Guninski discovered a way to construct Vim modelines that execute arbitrary shell commands. The vulnerability can be exploited by including shell commands in modelines that call the glob or expand functions. An attacker could trick an user to read or edit a trojaned file with modelines...

9.3CVSS7AI score0.02726EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2005/07/21 12:0 a.m.•21 views

fetchmail -- denial of service/crash from malicious POP3 server

In fetchmail 6.2.5.1, the remote code injection via POP3 UIDL was fixed, but a denial of service attack was introduced: Two possible NULL-pointer dereferences allow a malicious POP3 server to crash fetchmail by respondig with UID lines containing only the article number but no UID in violation of...

3AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2005/04/16 12:0 a.m.•21 views

axel -- remote buffer overflow

A Debian Security Advisory reports: Ulf Härnhammar from the Debian Security Audit Project discovered a buffer overflow in axel, a light download accelerator. When reading remote input the program did not check if a part of the input can overflow a buffer and maybe trigger the execution of arbitra...

7.5CVSS7.2AI score0.03442EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2005/01/27 12:0 a.m.•21 views

f2c -- insecure temporary files

Javier Fernández-Sanguino Peña reports two temporary file vulnerability within f2c. The vulnerabilities are caused due to weak temporary file handling. An attacker could create an symbolic link, causing a local user running f2c to overwrite the symlinked file. This could give the attacker elevate...

2.1CVSS6.2AI score0.00352EPSS
Exploits0
FreeBSD
FreeBSD
•added 2004/12/15 12:0 a.m.•21 views

tnftp -- mget does not check for directory escapes

When downloading a batch of files from an FTP server the mget command does not check for directory escapes. A specially crafted file on the FTP server could then potentially overwrite an existing file of the user...

5CVSS1.9AI score0.00999EPSS
Exploits1References4
FreeBSD
FreeBSD
•added 2004/12/12 12:0 a.m.•21 views

fd_set -- bitmap index overflow in multiple applications

3APA3A reports: If programmer fails to check socket number before using select or fdset macros, it's possible to overwrite memory behind fdset structure. Very few select based application actually check FDSETSIZE value. ... Depending on vulnerable application it's possible to overwrite portions o...

3AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2004/11/17 12:0 a.m.•21 views

up-imapproxy -- multiple vulnerabilities

Timo Sirainen reports: There are various bugs in up-imapproxy which can crash it. Since up-imapproxy runs in a single process with each connection handled in a separate thread, any crash kills all the connections and stops listening for new ones. In 64bit systems it might be possible to make it...

6.4CVSS6.4AI score0.02068EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2004/08/23 12:0 a.m.•21 views

nss -- exploitable buffer overflow in SSLv2 protocol handler

ISS X-Force reports that a remotely exploitable buffer overflow exists in the Netscape Security Services NSS library's implementation of SSLv2. From their advisory: The NSS library contains a flaw in SSLv2 record parsing that may lead to remote compromise. When parsing the first record in an SSLv...

3.5AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2004/08/16 12:0 a.m.•21 views

cacti -- SQL injection

Fernando Quintero reports that Cacti 0.8.5a suffers from a SQL injection attack where an attacker can change the password for any Cacti user. This attack is not possible if the PHP option magicquotesgpc is set to On, which is the default for PHP in FreeBSD...

3.2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2003/10/25 12:0 a.m.•21 views

Buffer overflows in libmcrypt

libmcrypt does incomplete input validation, leading to several buffer overflows. Additionally, a memory leak is present. Both of these problems may be exploited in a denial-of-service attack...

7.5CVSS6.6AI score0.01726EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2003/04/08 12:0 a.m.•21 views

seti@home remotely exploitable buffer overflow

The seti@home client contains a buffer overflow in the HTTP response handler. A malicious, spoofed seti@home server can exploit this buffer overflow to cause remote code execution on the client. Exploit programs are widely available...

1.7AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2002/11/06 12:0 a.m.•21 views

leafnode denial-of-service triggered by article request

The leafnode NNTP server may go into an unterminated loop with 100% CPU use when an article is requested by Message-ID that has been crossposted to several news groups when one of the group names is the prefix of another group name that the article was cross-posted to. Found by Jan Knutar...

5CVSS6.5AI score0.02333EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2000/09/29 12:0 a.m.•21 views

pine remotely exploitable buffer overflow in newmail.c

Kris Kennaway reports a remotely exploitable buffer overflow in newmail.c. Mike Silbersack submitted the fix...

4.7AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2026/04/21 12:0 a.m.•20 views

MySQL -- Multiple vulnerabilities

Oracle reports: See linked CVE's for details...

9.8CVSS7AI score0.47621EPSS
Exploits7References1
FreeBSD
FreeBSD
•added 2025/03/05 12:0 a.m.•20 views

Jinja2 -- Sandbox breakout through attr filter selecting format method

[email protected] reports: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the...

8.8CVSS8AI score0.00476EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2025/01/14 12:0 a.m.•20 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 16 security fixes: 374627491 High CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme on 2024-10-21 379652406 High CVE-2025-0435: Inappropriate implementation in Navigation. Reported by Alesandro Ortiz on 2024-11-18 382786791 High...

8.8CVSS9.3AI score0.05945EPSS
Exploits11References1
FreeBSD
FreeBSD
•added 2024/11/27 12:0 a.m.•20 views

Emacs -- Shell injection vulnerability

Problem Description: An Emacs user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to enable...

7.8CVSS8AI score0.00526EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2024/11/12 12:0 a.m.•20 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 12 security fixes: 373263969 High CVE-2024-11110: Inappropriate implementation in Blink. Reported by Vsevolod Kokorin Slonser of Solidlab on 2024-10-14 360520331 Medium CVE-2024-11111: Inappropriate implementation in Autofill. Reported by Narendra...

8.8CVSS9.3AI score0.00362EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2024/10/23 12:0 a.m.•20 views

electron32 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-7966. Security: backported fix for CVE-2024-9370...

8.8CVSS9.1AI score0.00635EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2024/10/03 12:0 a.m.•20 views

Unbound -- Denial of service attack

NLnet labs report: A vulnerability has been discovered in Unbound when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression to...

5.3CVSS6.8AI score0.00801EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2024/09/04 12:0 a.m.•20 views

FreeBSD -- bhyve(8) privileged guest escape via TPM device passthrough

Problem Description: bhyve can be configured to provide access to the host's TPM device, where it passes the communication through an emulated device provided to the guest. This may be performed on the command-line by starting bhyve with the -l tpm,passthru,/dev/tpmX parameters. The MMIO handler...

8.4CVSS7.5AI score0.00244EPSS
Exploits0
FreeBSD
FreeBSD
•added 2024/08/19 12:0 a.m.•20 views

frr - BGP

[email protected] reports: An issue was discovered in FRRouting FRR. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

9.8CVSS6.8AI score0.00641EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2024/01/16 12:0 a.m.•20 views

sqlite -- use-after-free bug in jsonparseaddnodearray

[email protected] reports: A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading t...

5.5CVSS6.8AI score0.00343EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/10/31 12:0 a.m.•20 views

phpmyfaq -- multiple vulnerabilities

phpmyfaq developers report: XSS Insufficient session expiration...

9.8CVSS6.9AI score0.01105EPSS
Exploits2References4
FreeBSD
FreeBSD
•added 2023/07/05 12:0 a.m.•20 views

GLPI vulnerable to unauthenticated access to Dashboard data

[email protected] reports: GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.8, an incorrect rights check on a file allows an unauthenticated user to be able to access dashboards data. Version 10.0.8 contains a patch for this...

7.5CVSS7.4AI score0.00659EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/05/10 12:0 a.m.•20 views

Gitlab -- Vulnerability

Gitlab reports: Smuggling code changes via merge requests with refs/replace...

6.5CVSS7.3AI score0.00729EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/12/05 12:0 a.m.•20 views

rxvt-unicode is vulnerable to a remote code execution

Marc Lehmann reports: The biggest issue is resolving CVE-2022-4170, which allows command execution inside urxvt from within the terminal that means anything that can output text in the terminal can start commands in the context of the urxvt process, even remotely...

9.8CVSS3.3AI score0.02058EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/11/08 12:0 a.m.•20 views

varnish -- HTTP/2 Request Forgery Vulnerability

Varnish Cache Project reports: A request forgery attack can be performed on Varnish Cache servers that have the HTTP/2 protocol turned on. An attacker may introduce characters through the HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server t...

3.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2022/08/23 12:0 a.m.•20 views

powerdns-recursor -- denial of service

PowerDNS Team reports: PowerDNS Security Advisory 2022-02: incomplete exception handling related to protobuf message generation...

6.5CVSS2.5AI score0.0119EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2022/03/16 12:0 a.m.•20 views

py-nicotine-plus -- Denial of service vulnerability

ztauras reports: Denial of service DoS vulnerability in Nicotine+ starting with version 3.0.3 and prior to version 3.2.1 allows a user with a modified Soulseek client to crash Nicotine+ by sending a file download request with a file path containing a null character...

7.5CVSS7.4AI score0.01586EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2021/05/02 12:0 a.m.•20 views

wayland -- integer overflow

Tobias Stoeckmann reports: The libXcursor fix for CVE-2013-2003 has never been imported into wayland, leaving it vulnerable to it...

6.8CVSS5.2AI score0.02127EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2021/04/21 12:0 a.m.•20 views

drupal7 -- fix possible CSS

Drupal Security team reports: Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. Not all sites and users are affected, but configuration changes to prevent the exploit might be impractical and will vary between sites. Therefore, we recommend...

6.1CVSS0.8AI score0.00671EPSS
Exploits0
FreeBSD
FreeBSD
•added 2021/03/15 12:0 a.m.•20 views

LibreSSL -- use-after-free

OpenBSD reports: A TLS client using session resumption may cause a use-after-free...

1.2AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2020/12/11 12:0 a.m.•20 views

phpldapadmin -- XSS vulnerability

[email protected] reports: An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via getrequest in lib/function.php...

5.4CVSS6.4AI score0.01226EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2020/11/05 12:0 a.m.•20 views

asterisk -- Remote crash in res_pjsip_session

The Asterisk project reports: Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending upon some off nominal circumstances, and timing it...

1.6AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2020/10/15 12:0 a.m.•20 views

jupyter notebook -- open redirect vulnerability

Jupyter reports: 6.1.5 is a security release, fixing one vulnerability: Fix open redirect vulnerability GHSA-c7vm-f5p4-8fqh CVE to be assigned...

1.3AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2020/08/27 12:0 a.m.•20 views

powerdns -- Various issues in GSS-TSIG support

PowerDNS developers report: A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature. A remote, unauthenticated attacker can cause a denial of service by sending crafted queries...

3.9AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/11/22 12:0 a.m.•20 views

phpmyadmin -- multiple vulnerabilities

the phpmyadmin team reports: This security fix is part of an ongoing effort to improve the security of the Designer feature and is designated PMASA-2019-5. There is also an improvement for how we sanitize git version information shown on the home page...

2.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/20 12:0 a.m.•20 views

FreeBSD -- Reference count overflow in mqueue filesystem 32-bit compat

Problem Description: System calls operating on file descriptors obtain a reference to relevant struct file which due to a programming error was not always put back, which in turn could be used to overflow the counter of affected struct file. Impact: A local user can use this flaw to obtain access...

7.8CVSS1.9AI score0.00623EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/07/26 12:0 a.m.•20 views

py-matrix-synapse -- multiple vulnerabilities

Matrix developers report: The matrix team releases Synapse 1.2.1 as a critical security update. It contains patches relating to redactions and event federation: Prevent an attack where a federated server could send redactions for arbitrary events in v1 and v2 rooms. Prevent a denial-of-service...

3.1AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2019/07/02 12:0 a.m.•20 views

FreeBSD -- iconv buffer overflow

Problem Description: With certain inputs, iconv may write beyond the end of the output buffer. Impact: Depending on the way in which iconv is used, an attacker may be able to create a denial of service, provoke incorrect program behavior, or induce a remote code execution. iconv is a libc library...

9.8CVSS2.2AI score0.04861EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/06/13 12:0 a.m.•20 views

znc -- privilege escalation

Mitre reports: Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name...

8.8CVSS6.3AI score0.04127EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/02/11 12:0 a.m.•20 views

msmtp -- certificate-verification issue

msmtp developers report: In msmtp 1.8.2, when tlstrustfile has its default configuration, certificate-verification results are not properly checked...

5.3CVSS2.8AI score0.00919EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/01/14 12:0 a.m.•20 views

Helm -- client unpacking chart that contains malicious content

Helm security notice A specially crafted chart may be able to unpack content into locations on the filesystem outside of the chart's path, potentially overwriting existing files...

2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/08/01 12:0 a.m.•20 views

Plex Media Server -- Information Disclosure Vulnerability

Chris reports: The XML parsing engine for Plex Media Server's SSDP/UPNP functionality is vulnerable to an XML External Entity Processing XXE attack. Unauthenticated attackers on the same LAN can use this vulnerability to: Access arbitrary files from the filesystem with the same permission as the...

9.8CVSS4.5AI score0.31809EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2018/07/14 12:0 a.m.•20 views

wesnoth -- Code Injection vulnerability

shadowm reports: A severe bug was found in the game client which could allow a malicious user to execute arbitrary code through the Lua engine by using specially-crafted code in add-ons, saves, replays, or networked games. This issue affects all platforms and all existing releases since Wesnoth...

8.8CVSS5.2AI score0.01724EPSS
Exploits0References1
Total number of security vulnerabilities5000