Lucene search
K
FreebsdRecent

6580 matches found

FreeBSD
FreeBSD
•added 2023/09/27 12:0 a.m.•27 views

Account takeover via SQL Injection in UI layout preferences in GLPI

[email protected] reports: GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. UI layout preferences management can be hijacked to lead to SQL...

9.8CVSS8.1AI score0.31871EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/27 12:0 a.m.•28 views

glpi-project -- SQL injection in ITIL actors in GLPI

[email protected] reports: GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The ITIL actors input field from the Ticket form can be used to...

9.8CVSS7.6AI score0.00899EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/27 12:0 a.m.•21 views

Privilege Escalation from technician to super-admin in GLPI

[email protected] reports: GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. A user with write access to another user can make requests to chan...

8.8CVSS7.6AI score0.00731EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/27 12:0 a.m.•22 views

Account takeover via Kanban feature in GLPI

[email protected] reports: GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. A logged user from any profile can hijack the Kanban feature to...

8.8CVSS7.3AI score0.3095EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/27 12:0 a.m.•24 views

Account takeover through API in GLPI

[email protected] reports: GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. An API user that have read access on users resource can steal...

8.8CVSS7.1AI score0.00737EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/27 12:0 a.m.•21 views

Users login enumeration by unauthenticated user in GLPI

[email protected] reports: GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can enumerate users logins. Users are...

5.3CVSS7.3AI score0.33874EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/27 12:0 a.m.•19 views

Sensitive fields enumeration through API in GLPI

[email protected] reports: GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. An API user can enumerate sensitive fields values on resources on...

6.5CVSS7.1AI score0.00738EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/27 12:0 a.m.•23 views

File deletion through document upload process in GLPI

[email protected] reports: GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The document upload process can be diverted to delete some files...

9.1CVSS7.3AI score0.01043EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/27 12:0 a.m.•33 views

Unallowed PHP script execution in GLPI

From the GLPI 10.0.10 Changelog: You will find below security issues fixed in this bugfixes version: SECURITY - Critical Unallowed PHP script execution CVE-2023-42802. The mentioned CVE is invalid...

10CVSS7.7AI score0.00849EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/27 12:0 a.m.•31 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 10 security fixes: 1486441 High CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx. Reported by Clément Lecigne of Google's Threat Analysis Group on 2023-09-25 1478889 High CVE-2023-5186: Use after free in Passwords. Reported by pwn2car on...

8.8CVSS7.9AI score0.49013EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2023/09/27 12:0 a.m.•26 views

xrdp -- unchecked access to font glyph info

xrdp team reports: Access to the font glyphs in xrdppainter.c is not bounds-checked. Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of-bounds read within a potentially privileged process. On...

6.5CVSS6.5AI score0.0063EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2023/09/23 12:0 a.m.•22 views

Mailpit affected by vulnerability in included go markdown module

Mailpit author reports: Update Go modules to address CVE-2023-42821 go markdown module DoS...

7.5CVSS7AI score0.01042EPSS
Exploits1
FreeBSD
FreeBSD
•added 2023/09/22 12:0 a.m.•29 views

11/libX11 multiple vulnerabilities

The X.Org project reports: CVE-2023-43785: out-of-bounds memory access in XkbReadKeySyms When libX11 is processing the reply from the X server to the XkbGetMap request, if it detected the number of symbols in the new map was less than the size of the buffer it had allocated, it always added room...

7.8CVSS7.4AI score0.00633EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/09/22 12:0 a.m.•57 views

x11/libXpm multiple vulnerabilities

The X.Org project reports: CVE-2023-43788: Out of bounds read in XpmCreateXpmImageFromBuffer An out-of-bounds read is located in ParseComment when reading from a memory buffer instead of a file, as it continued to look for the closing comment marker past the end of the buffer. CVE-2023-43789: Out...

5.5CVSS7AI score0.00365EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/20 12:0 a.m.•69 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description Medium SECURITY-3261 / CVE-2023-43494 Builds can be filtered by values of sensitive build variables High SECURITY-3245 / CVE-2023-43495 Stored XSS vulnerability High SECURITY-3072 / CVE-2023-43496 Temporary plugin file created with insecure permissions Low...

8.8CVSS6.4AI score0.03388EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/18 12:0 a.m.•26 views

Gitlab -- vulnerability

Gitlab reports: Attacker can abuse scan execution policies to run pipelines as another user...

6.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/16 12:0 a.m.•24 views

vorbistools -- heap buffer overflow in oggenc

Frank-Z7 reports: Heap buffer overflow when vorbis-tools/oggenc converts WAV files to Ogg files...

7.8CVSS7.4AI score0.00448EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/09/15 12:0 a.m.•13 views

Roundcube -- XSS vulnerability

The Roundcube webmail project reports: cross-site scripting XSS vulnerability in handling of linkrefs in plain text messages...

6.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/13 12:0 a.m.•27 views

routinator -- Possible path traversal when storing RRDP responses

[email protected] reports: NLnet Labs Routinator 0.9.0 up to and including 0.12.1 contains a possible path traversal vulnerability in the optional, off-by-default keep-rrdp-responses feature that allows users to store the content of responses received for RRDP requests. The location of these store...

9.3CVSS6.8AI score0.00549EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/13 12:0 a.m.•43 views

curl -- HTTP headers eat all memory

selmelc on hackerone reports: When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stre...

7.5CVSS6.9AI score0.62246EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/09/13 12:0 a.m.•49 views

electron{24,25} -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-4763. Security: backported fix for CVE-2023-4762. Security: backported fix for CVE-2023-4761. Security: backported fix for CVE-2023-4863...

8.8CVSS7AI score0.99735EPSS
Exploits11References4
FreeBSD
FreeBSD
•added 2023/09/13 12:0 a.m.•47 views

electron22 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-4572. Security: backported fix for CVE-2023-4762. Security: backported fix for CVE-2023-4863...

8.8CVSS7AI score0.99735EPSS
Exploits11References3
FreeBSD
FreeBSD
•added 2023/09/12 12:0 a.m.•40 views

graphics/webp heap buffer overflow

Google Chrome reports: Heap buffer overflow in WebP ... allowed a remote attacker to perform an out of bounds memory write...

8.8CVSS8.8AI score0.99735EPSS
Exploits9References1
FreeBSD
FreeBSD
•added 2023/09/12 12:0 a.m.•32 views

vscode -- VS Code Remote Code Execution Vulnerability

VSCode developers report: Visual Studio Code Remote Code Execution Vulnerability A remote code execution vulnerability exists in VS Code 1.82.0 and earlier versions that working in a maliciously crafted package.json can result in executing commands locally. This scenario would require the attacke...

7.8CVSS7.7AI score0.01206EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2023/09/12 12:0 a.m.•8 views

zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports: File extraction limits were not correctly enforced for files containing large amounts of missing bytes. Sessions are sometimes not cleaned up completely within Zeek during shutdown, potentially causing a crash when using the -B dpd flag for debug logging. A...

7.4AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/12 12:0 a.m.•48 views

libwebp heap buffer overflow

[email protected] reports: Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical The Tor browser is based on Firefox and GeckoView and uses al...

8.8CVSS8.5AI score0.99735EPSS
Exploits9References1
FreeBSD
FreeBSD
•added 2023/09/12 12:0 a.m.•80 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 16 security fixes: 1479274 Critical CVE-2023-4863: Heap buffer overflow in WebP. Reported by Apple Security Engineering and Architecture SEAR and The Citizen Lab at The University of Torontoʼs Munk School on 2023-09-06 1430867 Medium CVE-2023-4900:...

8.8CVSS7.4AI score0.99735EPSS
Exploits9References1
FreeBSD
FreeBSD
•added 2023/09/06 12:0 a.m.•28 views

FreeBSD -- Wi-Fi encryption bypass

Problem Description: The net80211 subsystem would fallback to the multicast key for unicast traffic in the event the unicast key was removed. This would result in buffered unicast traffic being exposed to any stations with access to the multicast key. Impact: As described in the "Framing Frames:...

7.5CVSS7AI score0.00897EPSS
Exploits1
FreeBSD
FreeBSD
•added 2023/09/06 12:0 a.m.•40 views

go -- multiple vulnerabilities

The Go project reports: cmd/go: go.mod toolchain directive allows arbitrary execution The go.mod toolchain directive, introduced in Go 1.21, could be leveraged to execute scripts and binaries relative to the root of the module when the "go" command was executed within the module. This applies to...

9.8CVSS6.9AI score0.01424EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/06 12:0 a.m.•24 views

FreeBSD -- pf incorrectly handles multiple IPv6 fragment headers

Problem Description: With a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. That is, a packet with multiple fragment extension headers would not be recognized as the correct ultimate payload. Instead a pack...

7.5CVSS7.3AI score0.0068EPSS
Exploits0
FreeBSD
FreeBSD
•added 2023/09/06 12:0 a.m.•27 views

redis -- Possible bypassing ACL configuration

yangbodong22011 reports: Redis does not correctly identify keys accessed by SORTRO and, as a result, may grant users executing this command access to keys that are not explicitly authorized by the ACL configuration...

3.3CVSS6.9AI score0.0034EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/09/05 12:0 a.m.•40 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 4 security fixes: 1476403 High CVE-2023-4761: Out of bounds memory access in FedCM. Reported by DarkNavy on 2023-08-28 1473247 High CVE-2023-4762: Type Confusion in V8. Reported by Rong Jian of VRI on 2023-08-16 1469928 High CVE-2023-4763: Use after...

8.8CVSS7.4AI score0.37987EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2023/09/01 12:0 a.m.•29 views

mediawiki -- multiple vulnerabilities

Mediawikwi reports: T264765, CVE-2023-PENDING SECURITY: Users without correct permission are incorrectly shown MediaWiki:Missing-revision-permission. T333050, CVE-2023-PENDING SECURITY: Fix infinite loop for self-redirects with variants conversion. T340217, CVE-2023-PENDING SECURITY: Vector 2022:...

9CVSS6.2AI score0.01151EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/09/01 12:0 a.m.•30 views

Django -- multiple vulnerabilities

Django reports: CVE-2023-41164: Potential denial of service vulnerability in django.utils.encoding.uritoiri...

7.5CVSS6.6AI score0.01284EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/08/31 12:0 a.m.•44 views

Gitlab -- Vulnerabilities

Gitlab reports: Privilege escalation of "external user" to internal access through group service account Maintainer can leak sentry token by changing the configured URL fix bypass Google Cloud Logging private key showed in plain text in GitLab UI leaking to other group owners Information disclosu...

7.5CVSS6.3AI score0.00703EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/08/30 12:0 a.m.•33 views

electron24 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-4427. Security: backported fix for CVE-2023-4428. Security: backported fix for CVE-2023-4430. Security: backported fix for CVE-2023-4572...

8.8CVSS8.4AI score0.3398EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2023/08/30 12:0 a.m.•9 views

gitea -- missing permission checks

The Gitea team reports: Fix missing check Do some missing checks By crafting an API request, attackers can access the contents of issues even though the logged-in user does not have access rights to these issues...

7.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2023/08/30 12:0 a.m.•29 views

electron22 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-4427. Security: backported fix for CVE-2023-4428...

8.1CVSS8.7AI score0.3398EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2023/08/30 12:0 a.m.•32 views

electron25 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-4427. Security: backported fix for CVE-2023-4428. Security: backported fix for CVE-2023-4429. Security: backported fix for CVE-2023-4430. Security: backported fix for CVE-2023-4572...

8.8CVSS8.4AI score0.3398EPSS
Exploits0References5
FreeBSD
FreeBSD
•added 2023/08/30 12:0 a.m.•26 views

xrdp -- Improper handling of session establishment errors allows bypassing OS-level session restrictions

xrdp team reports: In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The authstartsession function can return non-zero 1 value on, e.g., PAM error which may result in session restrictions such as max concurrent sessions p...

6.5CVSS7AI score0.00728EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2023/08/30 12:0 a.m.•12 views

gitea -- block user account creation from blocked email domains

The Gitea team reports: check blocklist for emails when adding them to account...

7.1AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2023/08/29 12:0 a.m.•46 views

openvpn -- 2.6.0...2.6.6 --fragment option division by zero crash, and TLS data leak

The OpenVPN community project team reports: CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly restore "--fragment" configuration in some circumstances, leading to a division by zero when "--fragment" is used. On platforms where division by zero is fatal, this will cause an OpenV...

9.8CVSS6.7AI score0.01982EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/08/29 12:0 a.m.•42 views

chromium -- use after free in MediaStream

Chrome Releases reports: This update includes 1 security fix: 1472492 High CVE-2023-4572: Use after free in MediaStream. Reported by fwnfwn@fwnfwn on 2023-08-12...

9.8CVSS7.4AI score0.0088EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/08/23 12:0 a.m.•36 views

electron{22,24} -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-4355. Security: backported fix for CVE-2023-4354. Security: backported fix for CVE-2023-4353. Security: backported fix for CVE-2023-4352. Security: backported fix for CVE-2023-4351...

8.8CVSS8.7AI score0.26819EPSS
Exploits2References5
FreeBSD
FreeBSD
•added 2023/08/23 12:0 a.m.•59 views

electron25 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-4071. Security: backported fix for CVE-2023-4070. Security: backported fix for CVE-2023-4075. Security: backported fix for CVE-2023-4076. Security: backported fix for CVE-2023-4074...

8.8CVSS8.7AI score0.26819EPSS
Exploits0References12
FreeBSD
FreeBSD
•added 2023/08/22 12:0 a.m.•17 views

hwloc2 -- Denial of service or other unspecified impacts

[email protected] reports: An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c...

4.7CVSS6.9AI score0.00286EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2023/08/22 12:0 a.m.•34 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 5 security fixes: 1469542 High CVE-2023-4430: Use after free in Vulkan. Reported by Cassidy Kim@cassidy6564 on 2023-08-02 1469754 High CVE-2023-4429: Use after free in Loader. Reported by Anonymous on 2023-08-03 1470477 High CVE-2023-4428: Out of boun...

8.8CVSS7.3AI score0.3398EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/08/22 12:0 a.m.•31 views

Python -- multiple vulnerabilities

Python reports: gh-108310: Fixed an issue where instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake and included protections like certificate verification and treating sent unencrypted data as if it were post-handshake TLS encrypted data...

5.3CVSS7AI score0.0079EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/08/17 12:0 a.m.•5 views

www/varnish-libvmod-digest -- base64 decoding vulnerability

varnish developers report: Common usage of vmod-digest is for basic HTTP authentication, in which case it may be possible for an attacker to circumvent the authentication check. If the decoded result string is somehow being made visible to the attacker for example the result of the decoding is...

6.5CVSS6.5AI score0.0049EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2023/08/15 12:0 a.m.•30 views

clamav -- Possible denial of service vulnerability in the AutoIt file parser

The ClamAV project reports: There is a possible denial of service vulnerability in the AutoIt file parser...

7.5CVSS6.8AI score0.02599EPSS
Exploits0References1
Total number of security vulnerabilities6580