Lucene search
K
FreebsdRecent

6583 matches found

FreeBSD
FreeBSD
•added 2019/08/13 12:0 a.m.•81 views

traefik -- Denial of service in HTTP/2

The traefik project reports: Update of dependency to go go1.12.8 resolves potential HTTP/2 denial of service in traefik...

2.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/12 12:0 a.m.•31 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Insecure Authentication Methods Disabled for Grafana By Default Multiple Command-Line Flag Injection Vulnerabilities Insecure Cookie Handling on GitLab Pages...

9.8CVSS1.6AI score0.01996EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/08/11 12:0 a.m.•31 views

Nokogiri -- injection vulnerability

Nokogiri GitHub release: A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being passed untrusted user input...

9.8CVSS2.9AI score0.05899EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/08/08 12:0 a.m.•64 views

PostgresSQL -- TYPE in pg_temp execute arbitrary SQL during `SECURITY DEFINER` execution

The PostgreSQL project reports: Versions Affected: 9.4 - 11 Given a suitable SECURITY DEFINER function, an attacker can execute arbitrary SQL under the identity of the function owner. An attack requires EXECUTE permission on the function, which must itself contain a function call having inexact...

6CVSS1.8AI score0.03184EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/07 12:0 a.m.•36 views

asterisk -- Remote Crash Vulnerability in audio transcoding

The Asterisk project reports: When audio frames are given to the audio transcoding support in Asterisk the number of samples are examined and as part of this a message is output to indicate that no samples are present. A change was done to suppress this message for a particular scenario in which...

7.5CVSS0.9AI score0.21924EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/07 12:0 a.m.•24 views

KDE Frameworks -- malicious .desktop files execute code

The KDE Community has released a security announcement: The syntax Key$e=$shell command in .desktop files, .directory files, and configuration files typically found in /.config was an intentional feature of KConfig, to allow flexible configuration. This could however be abused by malicious people...

7.8CVSS1.7AI score0.04069EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/08/06 12:0 a.m.•17 views

FreeBSD -- Insufficient validation of guest-supplied data (e1000 device)

Problem Description: The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload "TSO". The e1000 device model uses an...

7.5CVSS2AI score0.01293EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/08/06 12:0 a.m.•23 views

FreeBSD -- Insufficient message length validation in bsnmp library

Problem Description: A function extracting the length from type-length-value encoding is not properly validating the submitted length. Impact: A remote user could cause, for example, an out-of-bounds read, decoding of unrelated data, or trigger a crash of the software such as bsnmpd resulting in ...

7.5CVSS2.2AI score0.03806EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/08/06 12:0 a.m.•34 views

FreeBSD -- ICMPv6 / MLDv2 out-of-bounds memory access

Problem Description: The ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented across multiple mbufs. Impact: A remote attacker may be able to cause an out-of-bounds read or write that may cause the kernel to attempt to access an unmapped page a...

9.8CVSS1.9AI score0.02128EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/08/06 12:0 a.m.•36 views

FreeBSD -- Multiple vulnerabilities in bzip2

Problem Description: The decompressor used in bzip2 contains a bug which can lead to an out-of-bounds write when processing a specially crafted bzip21 file. bzip2recover contains a heap use-after-free bug which can be triggered when processing a specially crafted bzip21 file. Impact: An attacker...

1.6AI score
Exploits0
FreeBSD
FreeBSD
•added 2019/08/06 12:0 a.m.•30 views

mongodb -- Bump Windows package dependencies

Rich Mirch reports: An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server versions less than 4.0.11, 3.6.14, and 3.4.22 to run attacker defined code as the user running the utili...

8.2CVSS4.7AI score0.01011EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/06 12:0 a.m.•30 views

mongodb -- Our init scripts check /proc/[pid]/stat should validate that `(${procname})` is the process' command name.

Sicheng Liu of Beijing DBSEC Technology Co., Ltd reports: Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init...

5.3CVSS1.4AI score0.00305EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/06 12:0 a.m.•26 views

mongodb -- Attach IDs to users

Mitch Wasson of Cisco's Advanced Malware Protection Group reports: After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones...

7.1CVSS4.1AI score0.01225EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/08/05 12:0 a.m.•32 views

glpi -- Account takeover vulnerability

MITRE Corporation reports: GLPI through 9.4.3 is prone to account takeover by abusing the ajax/autocompletion.php autocompletion feature. The lack of correct validation leads to recovery of the token generated via the password reset functionality, and thus an authenticated attacker can set an...

8.8CVSS1.8AI score0.02234EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2019/08/05 12:0 a.m.•37 views

asterisk -- Crash when negotiating for T.38 with a declined stream

The Asterisk project reports: When Asterisk sends a re-invite initiating T.38 faxing, and the endpoint responds with a declined media stream a crash will then occur in Asterisk...

6.5CVSS2.4AI score0.0348EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/08/03 12:0 a.m.•24 views

doas -- Prevent passing of environment variables

Jesse Smith upstream author of the doas program reported: Previous versions of "doas" transferred most environment variables, such as USER, HOME, and PATH from the original user to the target user. Passing these variables could cause files in the wrong path or home directory to be read or written...

1AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2019/08/01 12:0 a.m.•38 views

Django -- multiple vulnerabilities

Django release notes: CVE-2019-14232: Denial-of-service possibility in django.utils.text.Truncator If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a...

9.8CVSS0.6AI score0.47694EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2019/07/31 12:0 a.m.•65 views

gitea -- multiple vulnerabilities

The Gitea Team reports: This version of Gitea contains security fixes that could not be backported to 1.8. For this reason, we strongly recommend updating...

3.7AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2019/07/31 12:0 a.m.•24 views

gitea -- multiple vulnerabilities

The Gitea Team reports: This release contains two security fixes, so we highly recommend updating...

1.2AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2019/07/29 12:0 a.m.•55 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: GitHub Integration SSRF Trigger Token Impersonation Build Status Disclosure SSRF Mitigation Bypass Information Disclosure New Issue ID IDOR Label Name Enumeration Persistent XSS Wiki Pages User Revokation Bypass with Mattermost Integration Arbitrary File Upload via Import Project...

3.6AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/07/28 12:0 a.m.•33 views

nsd -- Stack-based Buffer Overflow

Frederic Cambus reports: nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dnameconcatenate function in dname.c...

9.8CVSS9.3AI score0.02026EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2019/07/26 12:0 a.m.•13 views

mcpp -- Heap-based buffer overflow

[email protected] reports: MCPP 2.7.2 has a heap-based buffer overflow in the domsg function in support.c...

5.5CVSS7.4AI score0.01569EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/07/26 12:0 a.m.•20 views

py-matrix-synapse -- multiple vulnerabilities

Matrix developers report: The matrix team releases Synapse 1.2.1 as a critical security update. It contains patches relating to redactions and event federation: Prevent an attack where a federated server could send redactions for arbitrary events in v1 and v2 rooms. Prevent a denial-of-service...

3.1AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2019/07/24 12:0 a.m.•25 views

FreeBSD -- Bhyve out-of-bounds read in XHCI device

Problem Description: The pcixhcidevicedoorbell function does not validate the 'epid' and 'streamid' provided by the guest, leading to an out-of-bounds read. Impact: A misbehaving bhyve guest could crash the system or access memory that it should not be able to...

9.6CVSS1.9AI score0.03094EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/07/24 12:0 a.m.•26 views

FreeBSD -- File description reference count leak

Problem Description: If a process attempts to transmit rights over a UNIX-domain socket and an error causes the attempt to fail, references acquired on the rights are not released and are leaked. This bug can be used to cause the reference counter to wrap around and free the corresponding file...

7.8CVSS0.8AI score0.00536EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/07/24 12:0 a.m.•23 views

FreeBSD -- Kernel memory disclosure in freebsd32_ioctl

Problem Description: Due to insufficient initialization of memory copied to userland in the components listed above small amounts of kernel memory may be disclosed to userland processes. Impact: A user who can invoke 32-bit FreeBSD ioctls may be able to read the contents of small portions of kern...

6.8CVSS0.6AI score0.02327EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/07/24 12:0 a.m.•22 views

FreeBSD -- Reference count overflow in mqueue filesystem

Problem Description: System calls operating on file descriptors obtain a reference to relevant struct file which due to a programming error was not always put back, which in turn could be used to overflow the counter of affected struct file. Impact: A local user can use this flaw to obtain access...

7.8CVSS1.9AI score0.00623EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/07/24 12:0 a.m.•30 views

FreeBSD -- pts(4) write-after-free

Problem Description: The code which handles a close2 of a descriptor created by posixopenpt2 fails to undo the configuration which causes SIGIO to be raised. This bug can lead to a write-after-free of kernel memory. Impact: The bug permits malicious code to trigger a write-after-free, which may b...

7.8CVSS0.7AI score0.00591EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/07/24 12:0 a.m.•41 views

FreeBSD -- telnet(1) client multiple vulnerabilities

Problem Description: Insufficient validation of environment variables in the telnet client supplied in FreeBSD can lead to stack-based buffer overflows. A stack- based overflow is present in the handling of environment variables when connecting via the telnet client to remote telnet servers. This...

7.8CVSS2.8AI score0.00587EPSS
Exploits2
FreeBSD
FreeBSD
•added 2019/07/23 12:0 a.m.•32 views

xymon-server -- multiple vulnerabilities

Japheth Cleaver reports: Several buffer overflows were reported by University of Cambridge Computer Security Incident Response Team...

9.8CVSS3.8AI score0.02425EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/07/19 12:0 a.m.•23 views

pango -- buffer overflow

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when...

9.8CVSS4.3AI score0.06274EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2019/07/18 12:0 a.m.•46 views

Exim -- RCE in ${sort} expansion

Exim team report: A local or remote attacker can execute programs with root privileges - if you've an unusual configuration. If your configuration uses the $sort expansion for items that can be controlled by an attacker e.g. $localpart, $domain. The default config, as shipped by the Exim...

10CVSS3.1AI score0.08622EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/07/17 12:0 a.m.•200 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description Medium SECURITY-1424 / CVE-2019-10352 Arbitrary file write vulnerability using file parameter definitions High SECURITY-626 / CVE-2019-10353 CSRF protection tokens did not expire Medium SECURITY-534 / CVE-2019-10354 Unauthorized view fragment access...

7.5CVSS1.3AI score0.10225EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/07/17 12:0 a.m.•16 views

drupal -- Drupal core - Access bypass

Drupal Security Team reports: In Drupal 8.7.4, when the experimental Workspaces module is enabled, an access bypass condition is created. This can be mitigated by disabling the Workspaces module. It does not affect any release other than Drupal 8.7.4...

2.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/07/16 12:0 a.m.•56 views

MySQL -- Multiple vulerabilities

Oracle reports: This Critical Patch Update contains 45 new security fixes for Oracle MySQL. 4 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials...

9.8CVSS3.1AI score0.12771EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/07/14 12:0 a.m.•30 views

vlc -- multiple vulnerabilities

The VLC project reports: Security: Fix a buffer overflow in the MKV demuxer CVE-2019-14970 Fix a read buffer overflow in the avcodec decoder CVE-2019-13962 Fix a read buffer overflow in the FAAD decoder Fix a read buffer overflow in the OGG demuxer CVE-2019-14437, CVE-2019-14438 Fix a read buffer...

9.8CVSS3.2AI score0.036EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/07/14 12:0 a.m.•21 views

PuTTY 0.72 -- buffer overflow in SSH-1 and integer overflow in SSH client

Simon Tatham reports: Vulnerabilities fixed in this release include: A malicious SSH-1 server could trigger a buffer overrun by sending extremely short RSA keys, or certain bad packet length fields. Either of these could happen before host key verification, so even if you trust the server you...

2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/07/09 12:0 a.m.•261 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2019-9811: Sandbox escape via installation of malicious language pack CVE-2019-11711: Script injection within domain through inner window reuse CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects CVE-2019-11713:...

9.8CVSS9.2AI score0.20271EPSS
Exploits4References2
FreeBSD
FreeBSD
•added 2019/07/03 12:0 a.m.•38 views

oniguruma -- multiple vulnerabilities

A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte...

9.8CVSS4.9AI score0.04047EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2019/07/03 12:0 a.m.•12 views

GnuPG -- denial of service

From the GnuPG 2.2.17 changelog: gpg: Ignore all key-signatures received from keyservers. This change is required to mitigate a DoS due to keys flooded with faked key-signatures...

3.9AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2019/07/03 12:0 a.m.•152 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Ability to Write a Note to a Private Snippet Recent Pipeline Information Disclosed to Unauthorised Users Resource Exhaustion Attack Error Caused by Encoded Characters in Comments Authorization Issues in GraphQL Number of Merge Requests was Accessible Enabling One of the Service...

7.5CVSS2AI score0.01403EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/07/02 12:0 a.m.•27 views

FreeBSD -- Privilege escalation in cd(4) driver

Problem Description: To implement one particular ioctl, the Linux emulation code used a special interface present in the cd4 driver which allows it to copy subchannel information directly to a kernel address. This interface was erroneously made accessible to userland, allowing users with read...

9CVSS4.2AI score0.0409EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/07/02 12:0 a.m.•27 views

FreeBSD -- Kernel stack disclosure in UFS/FFS

Problem Description: A bug causes up to three bytes of kernel stack memory to be written to disk as uninitialized directory entry padding. This data can be viewed by any user with read access to the directory. Additionally, a malicious user with write access to a directory can cause up to 254 byt...

6.5CVSS1.9AI score0.01567EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/07/02 12:0 a.m.•29 views

SDL2_image -- multiple vulnerabilities

SDLimage developers report: Fixed a number of security issues: TALOS-2019-0820 TALOS-2019-0821 TALOS-2019-0841 TALOS-2019-0842 TALOS-2019-0843 TALOS-2019-0844...

8.8CVSS3.3AI score0.04515EPSS
Exploits3References6
FreeBSD
FreeBSD
•added 2019/07/02 12:0 a.m.•20 views

FreeBSD -- iconv buffer overflow

Problem Description: With certain inputs, iconv may write beyond the end of the output buffer. Impact: Depending on the way in which iconv is used, an attacker may be able to create a denial of service, provoke incorrect program behavior, or induce a remote code execution. iconv is a libc library...

9.8CVSS2.2AI score0.04861EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/07/01 12:0 a.m.•22 views

ettercap -- out-of-bound read vulnerability

Ettercap GitHub issue: Etterfilter results in an invalid read of 8 bytes when parsing a crafted file...

5.5CVSS2.7AI score0.01972EPSS
Exploits2References2
FreeBSD
FreeBSD
•added 2019/07/01 12:0 a.m.•91 views

Django -- Incorrect HTTP detection with reverse-proxy connecting via HTTPS

Django security releases issued: When deployed behind a reverse-proxy connecting to Django via HTTPS, django.http.HttpRequest.scheme would incorrectly detect client requests made via HTTP as using HTTPS. This entails incorrect results for issecure, and buildabsoluteuri, and that HTTP requests wou...

5.3CVSS0.8AI score0.01697EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/29 12:0 a.m.•47 views

irssi -- Use after free when sending SASL login to the server

Irssi reports: Use after free when sending SASL login to the server found by ilbelkyr. CWE-416, CWE-825...

8.1CVSS2.1AI score0.03333EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/28 12:0 a.m.•32 views

asterisk -- Remote Crash Vulnerability in chan_sip channel driver

The Asterisk project reports: When T.38 faxing is done in Asterisk a T.38 reinvite may be sent to an endpoint to switch it to T.38. If the endpoint responds with an improperly formatted SDP answer including both a T.38 UDPTL stream and an audio or video stream containing only codecs not allowed o...

5.3CVSS1.5AI score0.04031EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/28 12:0 a.m.•48 views

TYPO3 -- multiple vulnerabilities

TYPO3 news: Please read the corresponding Security Advisories for details...

8.8CVSS1.7AI score0.02302EPSS
Exploits1References3
Total number of security vulnerabilities6583