Lucene search
K
FreebsdRecent

6580 matches found

FreeBSD
FreeBSD
•added 2023/11/14 12:0 a.m.•24 views

typo3 -- Multiple vulnerabilities

[email protected] reports: Weak Authentication in Session Handling in typo3/cms-core: In typo3 installations there are always at least two different sites. Eg. first.example.org and second.example.com. In affected versions a session cookie generated for the first site can be reused o...

6.1CVSS6AI score0.00574EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2023/11/13 12:0 a.m.•43 views

varnish -- HTTP/2 Rapid Reset Attack

Varnish Cache Project reports: A denial of service attack can be performed on Varnish Cache servers that have the HTTP/2 protocol turned on. An attacker can create a large volume of streams and immediately reset them without ever reaching the maximum number of concurrent streams allowed for the...

7.5CVSS7.4AI score0.99999EPSS
Exploits19References1
FreeBSD
FreeBSD
•added 2023/11/13 12:0 a.m.•37 views

MariaDB -- Denial-of-Service vulnerability

The MariaDB project reports: Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash complete...

4.9CVSS6.4AI score0.01782EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2023/11/10 12:0 a.m.•20 views

Grafana -- Email verification is not required after email change

Grafana Labs reports: The vulnerability impacts instances where Grafana basic authentication is enabled. Grafana has a verifyemailenabled configuration option. When this option is enabled, users are required to confirm their email addresses before the sign-up process is complete. However, the ema...

5.4CVSS7.1AI score0.01385EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/11/09 12:0 a.m.•39 views

postgresql-server -- Memory disclosure in aggregate function calls

PostgreSQL Project reports: Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have...

4.3CVSS7AI score0.02775EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/11/09 12:0 a.m.•57 views

postgresql-server -- Buffer overrun from integer overflow in array modification

PostgreSQL Project reports: While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to a memory area that facilitates arbitrary code execution. Missing overflow checks also let authenticated database users read a wide area of server...

8.8CVSS9.2AI score0.04322EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/11/09 12:0 a.m.•30 views

postgresql-server -- Role pg_cancel_backend can signal certain superuser processes

PostgreSQL Project reports: Documentation says the pgcancelbackend role cannot signal "a backend owned by a superuser". On the contrary, it can signal background workers, including the logical replication launcher. It can signal autovacuum workers and the autovacuum launcher. Signaling autovacuum...

4.4CVSS7.3AI score0.02555EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/11/08 12:0 a.m.•40 views

electron{25,26} -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-5849. Security: backported fix for CVE-2023-5482...

8.8CVSS7.5AI score0.07094EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2023/11/08 12:0 a.m.•38 views

FreeBSD -- libc stdio buffer overflow

Problem Description: For line-buffered streams the sflush function did not correctly update the FILE object's write space member when the write2 system call returns an error. Impact: Depending on the nature of an application that calls libc's stdio functions and the presence of errors returned fr...

9.8CVSS7.8AI score0.01073EPSS
Exploits0
FreeBSD
FreeBSD
•added 2023/11/08 12:0 a.m.•24 views

FreeBSD -- Incorrect libcap_net limitation list manipulation

Problem Description: Casper services allow limiting operations that a process can perform. Each service maintains a specific list of permitted operations. Certain operations can be further restricted, such as specifying which domain names can be resolved. During the verification of limits, the...

7.5CVSS6.7AI score0.00511EPSS
Exploits0
FreeBSD
FreeBSD
•added 2023/11/08 12:0 a.m.•33 views

OpenSSL -- DoS in DH generation

The OpenSSL project reports: Excessive time spent in DH check / generation with large Q parameter value low. Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow...

5.3CVSS6.9AI score0.04459EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/11/07 12:0 a.m.•34 views

chromium -- security update

Chrome Releases reports: This update includes 1 security fix: 1497859 High CVE-2023-5996: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab via Tianfu Cup 2023 on 2023-10-30...

8.8CVSS7.5AI score0.01976EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/31 12:0 a.m.•20 views

phpmyfaq -- multiple vulnerabilities

phpmyfaq developers report: XSS Insufficient session expiration...

9.8CVSS6.9AI score0.01105EPSS
Exploits2References4
FreeBSD
FreeBSD
•added 2023/10/31 12:0 a.m.•35 views

Gitlab -- Vulnerabilities

Gitlab reports: Disclosure of CI/CD variables using Custom project templates GitLab omnibus DoS crash via OOM with CI Catalogs Parsing gitlab-ci.yml with large string via timeout input leads to Denial of Service DoS - Blocking FIFO files in Tar archives Titles exposed by service-desk template...

8.5CVSS5.9AI score0.00643EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/10/31 12:0 a.m.•37 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 15 security fixes: 1492698 High CVE-2023-5480: Inappropriate implementation in Payments. Reported by Vsevolod Kokorin Slonser of Solidlab on 2023-10-14 1492381 High CVE-2023-5482: Insufficient data validation in USB. Reported by DarkNavy on 2023-10-13...

8.8CVSS6.9AI score0.07094EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/27 12:0 a.m.•14 views

zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports: A specially-crafted SSL packet could cause Zeek to leak memory and potentially crash. A specially-crafted series of FTP packets could cause Zeek to log entries for requests that have already been completed, using resources unnecessarily and potentially causin...

7.1AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/26 12:0 a.m.•21 views

openexr -- Heap Overflow in Scanline Deep Data Parsing

Austin Hackers Anonymous report: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEXR image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. ... it is...

9.1CVSS7.8AI score0.01258EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2023/10/26 12:0 a.m.•18 views

open-vm-tools -- Multiple vulnerabilities

VMware reports: This update includes 2 security fixes: High CVE-2023-34058: SAML token signature bypass vulnerability High CVE-2023-34059: File descriptor hijack vulnerability in the vmware-user-suid-wrapper...

7.5CVSS6.4AI score0.00667EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2023/10/25 12:0 a.m.•35 views

xorg-server -- Multiple vulnerabilities

The X.Org project reports: ZDI-CAN-22153/CVE-2023-5367: X.Org server: OOB write in XIChangeDeviceProperty/RRChangeOutputProperty When prepending values to an existing property an invalid offset calculation causes the existing values to be appended at the wrong offset. The resulting memcpy would...

7.8CVSS7.3AI score0.00715EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/24 12:0 a.m.•18 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 2 security fixes: 1491296 High CVE-2023-5472: Use after free in Profiles. Reported by @18楼梦想改造家 on 2023-10-10...

8.8CVSS7.4AI score0.01234EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/24 12:0 a.m.•26 views

OpenSSL -- potential loss of confidentiality

The OpenSSL team reports: Moderate severity: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers...

7.5CVSS6.7AI score0.03332EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/21 12:0 a.m.•17 views

squid -- Multiple vulnerabilities

The squid-cache project reports: Denial of Service in FTP Request/Response smuggling in HTTP/1.1 and ICAP Denial of Service in HTTP Digest Authentication...

7AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2023/10/20 12:0 a.m.•24 views

sdl2_sound -- multiple vulnerabilities

GitHub Security Lab reports: stbimage.h and stbvorbis libraries contain several memory access violations of different severity Wild address read in stbigifloadnext GHSL-2023-145. Multi-byte read heap buffer overflow in stbiverticalflip GHSL-2023-146. Disclosure of uninitialized memory in...

7.8CVSS7.5AI score0.0056EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/19 12:0 a.m.•83 views

Apache httpd -- Multiple vulnerabilities

The Apache httpd project reports: CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST CVE-2023-43622: Apache HTTP Server: DoS in HTTP/2 with initial windows size 0 CVE-2023-31122: modmacro buffer over-read...

7.5CVSS7.2AI score0.70595EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/10/18 12:0 a.m.•23 views

Request Tracker -- multiple vulnerabilities

Request Tracker reports: CVE-2023-41259 SECURITY: RT is vulnerable to unvalidated email headers in incoming email and the mail-gateway REST interface. CVE-2023-41260 SECURITY: RT is vulnerable to information leakage via response messages returned from requests sent via the mail-gateway REST...

7.5CVSS6.7AI score0.00717EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/18 12:0 a.m.•32 views

electron{25,26} -- Use after free in Site Isolation

Electron developers report: This update fixes the following vulnerability: Security: backported fix for CVE-2023-5218...

8.8CVSS7AI score0.0126EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/18 12:0 a.m.•27 views

redis -- Possible bypassing Unix socket permissions

Redis core team reports: The wrong order of listen2 and chmod2 calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup...

3.6CVSS7.1AI score0.00444EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/18 12:0 a.m.•57 views

jenkins -- HTTP/2 denial of service vulnerability in bundled Jetty

Jenkins Security Advisory: Description High SECURITY-3291 / CVE-2023-36478, CVE-2023-44487 HTTP/2 denial of service vulnerability in bundled Jetty...

7.5CVSS7.4AI score0.99999EPSS
Exploits20References1
FreeBSD
FreeBSD
•added 2023/10/17 12:0 a.m.•64 views

MySQL -- Multiple vulnerabilities

Oracle reports: This Critical Patch Update contains 37 new security patches, plus additional third party patches noted below, for Oracle MySQL. 9 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials...

9.8CVSS7AI score0.78483EPSS
Exploits7References1
FreeBSD
FreeBSD
•added 2023/10/16 12:0 a.m.•56 views

nebula -- security fix for terrapin vulnerability

Upstream reports: Security fix: Update golang.org/x/crypto, which includes a fix for CVE-2023-48795...

5.9CVSS7AI score0.9378EPSS
Exploits4References3
FreeBSD
FreeBSD
•added 2023/10/16 12:0 a.m.•87 views

putty -- add protocol extension against 'Terrapin attack'

Simon Tatham reports: PuTTY version 0.80 contains one security fix ... for a newly discovered security issue known as the 'Terrapin' attack, also numbered CVE-2023-48795. The issue affects widely-used OpenSSH extensions to the SSH protocol: the ChaCha20+Poly1305 cipher system, and...

5.9CVSS7.4AI score0.9378EPSS
Exploits4References4
FreeBSD
FreeBSD
•added 2023/10/16 12:0 a.m.•13 views

Roundcube -- XSS vulnerability in SVG

The Roundcube project reports: cross-site scripting XSS vulnerability in handling of SVG in HTML messages...

6.2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/14 12:0 a.m.•52 views

mantis -- multiple vulnerabilities

Mantis 2.25.8 release reports: Security and maintenance release 0032432: Update guzzlehttp/psr7 to 1.9.1 CVE-2023-29197 0032981: Information Leakage on DokuWiki Integration CVE-2023-44394...

7.5CVSS7.3AI score0.01216EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2023/10/11 12:0 a.m.•34 views

apache -- Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication

[email protected] reports: Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer authentication is enabled in ZooKeeper quorum.auth.enableSasl=true, the authorization is done by verifying that the instance part in SASL authentication ID is liste...

9.1CVSS7.4AI score0.01713EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/11 12:0 a.m.•34 views

electron25 -- Use after free in extensions vulnerability

Electron developers report: This update fixes the following vulnerability: Security: backported fix for CVE-2023-5187...

8.8CVSS8.7AI score0.00833EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/10 12:0 a.m.•84 views

traefik -- Resource exhaustion by malicious HTTP/2 client

The traefik authors report: There is a vulnerability in GO managing HTTP/2 requests, which impacts Traefik. This vulnerability could be exploited to cause a denial of service...

6.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/10 12:0 a.m.•76 views

h2o -- HTTP/2 Rapid Reset attack vulnerability

Kazuo Okuhu reports: H2O is vulnerable to the HTTP/2 Rapid Reset attack. An attacker might be able to consume more than adequate amount of processing power of h2o and the backend servers by mounting the attack...

7.5CVSS7AI score0.99999EPSS
Exploits19References1
FreeBSD
FreeBSD
•added 2023/10/10 12:0 a.m.•30 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 20 security fixes: 1487110 Critical CVE-2023-5218: Use after free in Site Isolation. Reported by @18楼梦想改造家 on 2023-09-27 1062251 Medium CVE-2023-5487: Inappropriate implementation in Fullscreen. Reported by Anonymous on 2020-03-17 1414936 Medium...

8.8CVSS7.9AI score0.0126EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/09 12:0 a.m.•21 views

libcue -- out-of-bounds array access

The libcue team reports: There is a vulnerability to out-of-bounds array access...

8.8CVSS6.5AI score0.1657EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/10/03 12:0 a.m.•18 views

FreeBSD -- copy_file_range insufficient capability rights check

Problem Description: The syscall checked only for the CAPREAD and CAPWRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the syscall must additionally require the CAPSEEK capability. Impact: A sandboxed process with on...

7.1CVSS7AI score0.00185EPSS
Exploits0
FreeBSD
FreeBSD
•added 2023/10/03 12:0 a.m.•26 views

FreeBSD -- msdosfs data disclosure

Problem Description: In certain cases using the truncate or ftruncate system call to extend a file size populates the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes. Impact: A user with write access to files on a msdosfs file system may ...

6.5CVSS6.9AI score0.00535EPSS
Exploits0
FreeBSD
FreeBSD
•added 2023/10/03 12:0 a.m.•30 views

FreeBSD -- arm64 boot CPUs may lack speculative execution protections

Problem Description: On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized. Impact: No speculative execution workarounds are installed on CPU 0...

5.5CVSS7.1AI score0.00191EPSS
Exploits0
FreeBSD
FreeBSD
•added 2023/10/03 12:0 a.m.•28 views

chromium -- type confusion in v8

Chrome Releases reports: This update includes 1 security fix: 1485829 High CVE-2023-5346: Type Confusion in V8. Reported by Amit Kumar on 2023-09-22...

8.8CVSS7AI score0.01738EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/10/01 12:0 a.m.•31 views

Django -- multiple vulnerabilities

Django reports: CVE-2023-43665: Denial-of-service possibility in django.utils.text.Truncator...

7.5CVSS7AI score0.01236EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/30 12:0 a.m.•12 views

PptiPNG -- Global-buffer-overflow

Frank-Z7 reports: Running optipng with the "-zm 3 -zc 1 -zw 256 -snip -out" configuration options enabled raises a global-buffer-overflow bug, which could allow a remote attacker to conduct a denial-of-service attack or other unspecified effect on a crafted file...

7.8CVSS7AI score0.00518EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/09/30 12:0 a.m.•40 views

curl -- SOCKS5 heap buffer overflow

The curl team reports: This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the hostname to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that hostname can be is 255...

9.8CVSS7AI score0.78483EPSS
Exploits6References1
FreeBSD
FreeBSD
•added 2023/09/29 12:0 a.m.•26 views

Remote Code Execution via web-accessible composer

Composer project reports: Description: Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be impacted if PHP also has registerargcargv enabled in php.ini. Workaround: Make sure registerargcargv is disabled in php.ini, and...

8.8CVSS7AI score0.01378EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/28 12:0 a.m.•55 views

electron{22,24,25} -- Heap buffer overflow in vp8 encoding in libvpx

Electron developers report: This update fixes the following vulnerability: Security: backported fix for CVE-2023-5217...

8.8CVSS7AI score0.49013EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2023/09/28 12:0 a.m.•51 views

Gitlab -- vulnerabilities

Attacker can add other projects policy bot as member to their own project and use that bot to trigger pipelines in victims project Group import allows impersonation of users in CI pipelines Developers can bypass code owners approval by changing a MR's base branch Leaking source code of restricted...

8.8CVSS6.8AI score0.01094EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/27 12:0 a.m.•25 views

Phishing through a login page malicious URL in GLPI

[email protected] reports: GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The lack of path filtering on the GLPI URL may allow an attacker t...

5.4CVSS7.2AI score0.00417EPSS
Exploits0References1
Total number of security vulnerabilities6580