Lucene search
K
FreebsdMost viewed

6585 matches found

FreeBSD
FreeBSD
added 2004/08/16 12:0 a.m.21 views

cacti -- SQL injection

Fernando Quintero reports that Cacti 0.8.5a suffers from a SQL injection attack where an attacker can change the password for any Cacti user. This attack is not possible if the PHP option magicquotesgpc is set to On, which is the default for PHP in FreeBSD...

3.2AI score
Exploits0References1
FreeBSD
FreeBSD
added 2002/11/06 12:0 a.m.21 views

leafnode denial-of-service triggered by article request

The leafnode NNTP server may go into an unterminated loop with 100% CPU use when an article is requested by Message-ID that has been crossposted to several news groups when one of the group names is the prefix of another group name that the article was cross-posted to. Found by Jan Knutar...

5CVSS6.5AI score0.02333EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2000/09/29 12:0 a.m.21 views

pine remotely exploitable buffer overflow in newmail.c

Kris Kennaway reports a remotely exploitable buffer overflow in newmail.c. Mike Silbersack submitted the fix...

4.7AI score
Exploits0References1
FreeBSD
FreeBSD
added 2026/05/24 12:0 a.m.20 views

jellyfin -- multiple vulnerabilities

The Jellyfin project reports: Jellyfin Server 10.11.10 fixes three security vulnerabilities: GHSA-f47c-m7gr-q92j: details pending disclosure GHSA-jg92-mrxq-vv75: details pending disclosure GHSA-wwwm-px48-fpvq: details pending disclosure...

5.8AI score
Exploits0References4
FreeBSD
FreeBSD
added 2025/04/29 12:0 a.m.20 views

Mozilla -- javascript content execution

[email protected] reports: A process isolation vulnerability in Thunderbird stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape...

9.1CVSS9.4AI score0.00376EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2025/03/05 12:0 a.m.20 views

Jinja2 -- Sandbox breakout through attr filter selecting format method

[email protected] reports: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the...

8.8CVSS8AI score0.00476EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2025/01/23 12:0 a.m.20 views

electron32 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-12693. Security: backported fix for CVE-2024-12694. Security: backported fix for CVE-2024-12695. Security: backported fix for CVE-2025-0434. Security: backported fix for CVE-2025-043...

8.8CVSS8.9AI score0.05945EPSS
Exploits3References6
FreeBSD
FreeBSD
added 2025/01/14 12:0 a.m.20 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 16 security fixes: 374627491 High CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme on 2024-10-21 379652406 High CVE-2025-0435: Inappropriate implementation in Navigation. Reported by Alesandro Ortiz on 2024-11-18 382786791 High...

8.8CVSS9.3AI score0.05945EPSS
Exploits11References1
FreeBSD
FreeBSD
added 2024/11/27 12:0 a.m.20 views

Emacs -- Shell injection vulnerability

Problem Description: An Emacs user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to enable...

7.8CVSS8AI score0.00526EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/10/03 12:0 a.m.20 views

Unbound -- Denial of service attack

NLnet labs report: A vulnerability has been discovered in Unbound when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression to...

5.3CVSS6.8AI score0.00801EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/09/04 12:0 a.m.20 views

FreeBSD -- bhyve(8) privileged guest escape via TPM device passthrough

Problem Description: bhyve can be configured to provide access to the host's TPM device, where it passes the communication through an emulated device provided to the guest. This may be performed on the command-line by starting bhyve with the -l tpm,passthru,/dev/tpmX parameters. The MMIO handler...

8.4CVSS7.5AI score0.00244EPSS
Exploits0
FreeBSD
FreeBSD
added 2024/08/19 12:0 a.m.20 views

frr - BGP

[email protected] reports: An issue was discovered in FRRouting FRR. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

9.8CVSS6.8AI score0.00641EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/01/16 12:0 a.m.20 views

sqlite -- use-after-free bug in jsonparseaddnodearray

[email protected] reports: A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading t...

5.5CVSS6.8AI score0.00343EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2023/11/10 12:0 a.m.20 views

Grafana -- Email verification is not required after email change

Grafana Labs reports: The vulnerability impacts instances where Grafana basic authentication is enabled. Grafana has a verifyemailenabled configuration option. When this option is enabled, users are required to confirm their email addresses before the sign-up process is complete. However, the ema...

5.4CVSS7.1AI score0.01385EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2023/10/31 12:0 a.m.20 views

phpmyfaq -- multiple vulnerabilities

phpmyfaq developers report: XSS Insufficient session expiration...

9.8CVSS6.9AI score0.01105EPSS
Exploits2References4
FreeBSD
FreeBSD
added 2023/07/05 12:0 a.m.20 views

GLPI vulnerable to unauthenticated access to Dashboard data

[email protected] reports: GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.8, an incorrect rights check on a file allows an unauthenticated user to be able to access dashboards data. Version 10.0.8 contains a patch for this...

7.5CVSS7.4AI score0.00659EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2023/05/10 12:0 a.m.20 views

Gitlab -- Vulnerability

Gitlab reports: Smuggling code changes via merge requests with refs/replace...

6.5CVSS7.3AI score0.00729EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/12/05 12:0 a.m.20 views

rxvt-unicode is vulnerable to a remote code execution

Marc Lehmann reports: The biggest issue is resolving CVE-2022-4170, which allows command execution inside urxvt from within the terminal that means anything that can output text in the terminal can start commands in the context of the urxvt process, even remotely...

9.8CVSS3.3AI score0.02058EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/11/08 12:0 a.m.20 views

varnish -- HTTP/2 Request Forgery Vulnerability

Varnish Cache Project reports: A request forgery attack can be performed on Varnish Cache servers that have the HTTP/2 protocol turned on. An attacker may introduce characters through the HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server t...

3.3AI score
Exploits0References1
FreeBSD
FreeBSD
added 2022/08/23 12:0 a.m.20 views

powerdns-recursor -- denial of service

PowerDNS Team reports: PowerDNS Security Advisory 2022-02: incomplete exception handling related to protobuf message generation...

6.5CVSS2.5AI score0.0119EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2022/03/16 12:0 a.m.20 views

py-nicotine-plus -- Denial of service vulnerability

ztauras reports: Denial of service DoS vulnerability in Nicotine+ starting with version 3.0.3 and prior to version 3.2.1 allows a user with a modified Soulseek client to crash Nicotine+ by sending a file download request with a file path containing a null character...

7.5CVSS7.4AI score0.01586EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2021/05/02 12:0 a.m.20 views

wayland -- integer overflow

Tobias Stoeckmann reports: The libXcursor fix for CVE-2013-2003 has never been imported into wayland, leaving it vulnerable to it...

6.8CVSS5.2AI score0.02127EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2021/04/21 12:0 a.m.20 views

drupal7 -- fix possible CSS

Drupal Security team reports: Drupal core's sanitization API fails to properly filter cross-site scripting under certain circumstances. Not all sites and users are affected, but configuration changes to prevent the exploit might be impractical and will vary between sites. Therefore, we recommend...

6.1CVSS0.8AI score0.00671EPSS
Exploits0
FreeBSD
FreeBSD
added 2021/03/15 12:0 a.m.20 views

LibreSSL -- use-after-free

OpenBSD reports: A TLS client using session resumption may cause a use-after-free...

1.2AI score
Exploits0References2
FreeBSD
FreeBSD
added 2020/12/11 12:0 a.m.20 views

phpldapadmin -- XSS vulnerability

[email protected] reports: An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via getrequest in lib/function.php...

5.4CVSS6.4AI score0.01226EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2020/11/05 12:0 a.m.20 views

asterisk -- Remote crash in res_pjsip_session

The Asterisk project reports: Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending upon some off nominal circumstances, and timing it...

1.6AI score
Exploits0References1
FreeBSD
FreeBSD
added 2020/10/15 12:0 a.m.20 views

jupyter notebook -- open redirect vulnerability

Jupyter reports: 6.1.5 is a security release, fixing one vulnerability: Fix open redirect vulnerability GHSA-c7vm-f5p4-8fqh CVE to be assigned...

1.3AI score
Exploits0References2
FreeBSD
FreeBSD
added 2020/08/27 12:0 a.m.20 views

powerdns -- Various issues in GSS-TSIG support

PowerDNS developers report: A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature. A remote, unauthenticated attacker can cause a denial of service by sending crafted queries...

3.9AI score
Exploits0References1
FreeBSD
FreeBSD
added 2019/11/22 12:0 a.m.20 views

phpmyadmin -- multiple vulnerabilities

the phpmyadmin team reports: This security fix is part of an ongoing effort to improve the security of the Designer feature and is designated PMASA-2019-5. There is also an improvement for how we sanitize git version information shown on the home page...

2.5AI score
Exploits0References1
FreeBSD
FreeBSD
added 2019/08/20 12:0 a.m.20 views

FreeBSD -- Reference count overflow in mqueue filesystem 32-bit compat

Problem Description: System calls operating on file descriptors obtain a reference to relevant struct file which due to a programming error was not always put back, which in turn could be used to overflow the counter of affected struct file. Impact: A local user can use this flaw to obtain access...

7.8CVSS1.9AI score0.00623EPSS
Exploits0
FreeBSD
FreeBSD
added 2019/07/26 12:0 a.m.20 views

py-matrix-synapse -- multiple vulnerabilities

Matrix developers report: The matrix team releases Synapse 1.2.1 as a critical security update. It contains patches relating to redactions and event federation: Prevent an attack where a federated server could send redactions for arbitrary events in v1 and v2 rooms. Prevent a denial-of-service...

3.1AI score
Exploits0References2
FreeBSD
FreeBSD
added 2019/07/02 12:0 a.m.20 views

FreeBSD -- iconv buffer overflow

Problem Description: With certain inputs, iconv may write beyond the end of the output buffer. Impact: Depending on the way in which iconv is used, an attacker may be able to create a denial of service, provoke incorrect program behavior, or induce a remote code execution. iconv is a libc library...

9.8CVSS2.2AI score0.04861EPSS
Exploits0
FreeBSD
FreeBSD
added 2019/06/13 12:0 a.m.20 views

znc -- privilege escalation

Mitre reports: Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name...

8.8CVSS6.3AI score0.04127EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2019/02/11 12:0 a.m.20 views

msmtp -- certificate-verification issue

msmtp developers report: In msmtp 1.8.2, when tlstrustfile has its default configuration, certificate-verification results are not properly checked...

5.3CVSS2.8AI score0.00919EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2019/01/31 12:0 a.m.20 views

gitea -- multiple vulnerabilities

Gitea Team reports: Disable redirect for i18n Only allow local login if password is non-empty Fix go-get URL generation...

1.8AI score
Exploits0References1
FreeBSD
FreeBSD
added 2019/01/16 12:0 a.m.20 views

drupal -- Drupal core - Arbitrary PHP code execution

Drupal Security Team reports: A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted phar:// URI. Some Drupal code core, contrib, and custom may be performing file operations on insufficiently validated user input, thereb...

2.3AI score
Exploits0References1
FreeBSD
FreeBSD
added 2019/01/14 12:0 a.m.20 views

Helm -- client unpacking chart that contains malicious content

Helm security notice A specially crafted chart may be able to unpack content into locations on the filesystem outside of the chart's path, potentially overwriting existing files...

2AI score
Exploits0References1
FreeBSD
FreeBSD
added 2018/08/01 12:0 a.m.20 views

Plex Media Server -- Information Disclosure Vulnerability

Chris reports: The XML parsing engine for Plex Media Server's SSDP/UPNP functionality is vulnerable to an XML External Entity Processing XXE attack. Unauthenticated attackers on the same LAN can use this vulnerability to: Access arbitrary files from the filesystem with the same permission as the...

9.8CVSS4.5AI score0.31809EPSS
Exploits5References1
FreeBSD
FreeBSD
added 2018/02/06 12:0 a.m.20 views

uwsgi -- a stack-based buffer overflow

Uwsgi developers report: It was discovered that the uwsgiexpandpath function in utils.c in Unbit uWSGI, an application container server, has a stack-based buffer overflow via a large directory length that can cause a denial-of-service application crash or stack corruption...

9.8CVSS8.8AI score0.02086EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2017/12/12 12:0 a.m.20 views

asterisk -- Remote Crash Vulnerability in RTCP Stack

The Asterisk project reports: If a compound RTCP packet is received containing more than one report for example a Receiver Report and a Sender Report the RTCP stack will incorrectly store report information outside of allocated memory potentially causing a crash...

2.1AI score
Exploits0References1
FreeBSD
FreeBSD
added 2017/11/28 12:0 a.m.20 views

libXcursor -- integer overflow that can lead to heap buffer overflow

The freedesktop.org project reports: It is possible to trigger heap overflows due to an integer overflow while parsing images and a signedness issue while parsing comments. The integer overflow occurs because the chosen limit 0x10000 for dimensions is too large for 32 bit systems, because each...

7.5CVSS7.9AI score0.05173EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2017/10/27 12:0 a.m.20 views

shadowsocks-libev -- command injection via shell metacharacters

MITRE reports: Improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic...

7.8CVSS8AI score0.01274EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2017/09/07 12:0 a.m.20 views

aacplusenc -- denial of service

Gentoo developers report: DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 allows remote attackers to cause a denial of service invalid memory write, SEGV on unknown address 0x000000000030, and application crash or possibly have unspecified other impact via a crafted .wav...

7.8CVSS7.9AI score0.01009EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2017/09/05 12:0 a.m.20 views

ledger -- multiple vulnerabilities

Talos reports: An exploitable buffer overflow vulnerability exists in the tag parsing functionality of Ledger-CLI 3.1.1. A specially crafted journal file can cause an integer underflow resulting in code execution. An attacker can construct a malicious journal file to trigger this vulnerability. A...

8.1AI score
Exploits0References4
FreeBSD
FreeBSD
added 2017/07/19 12:0 a.m.20 views

h2o -- DoS in workers

Frederik Deweerdt reports: Multiple Denial-of-Service vulnerabilities exist in h2o workers - see references for full details. CVE-2017-10868: Worker processes may crash when receiving a request with invalid framing. CVE-2017-10869: The stack may overflow when proxying huge requests...

7.5CVSS7.8AI score0.03467EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2017/02/24 12:0 a.m.20 views

tnef -- Invalid read and write operations, controlled by an attacker

[email protected] reports: CVE-2017-6307: An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker. CVE-2017-6308: An issue was discovered in tnef before 1.4.13...

7.8CVSS7.3AI score0.0154EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2016/09/30 12:0 a.m.20 views

kde-runtime -- kdesu: displayed command truncated by unicode string terminator

Albert Aastals Cid reports: A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user...

4.9CVSS1.7AI score0.01661EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2016/07/26 12:0 a.m.20 views

codeigniter -- multiple vulnerabilities

The CodeIgniter changelog reports: Fixed an SQL injection in the ‘odbc’ database driver. Updated setrealpath Path Helper function to filter-out php:// wrapper inputs...

1.1AI score
Exploits0References1
FreeBSD
FreeBSD
added 2016/06/23 12:0 a.m.20 views

icingaweb2 -- remote code execution

Eric Lippmann reports: Possibility of remote code execution via the remote command transport...

4AI score
Exploits0References1
FreeBSD
FreeBSD
added 2016/05/17 12:0 a.m.20 views

FreeBSD -- Incorrect argument handling in sendmsg(2)

Problem Description: Incorrect argument handling in the socket code allows malicious local user to overwrite large portion of the kernel memory. Impact: Malicious local user may crash kernel or execute arbitrary code in the kernel, potentially gaining superuser privileges...

7.8CVSS3.1AI score0.01111EPSS
Exploits2
Total number of security vulnerabilities5000