Lucene search
K
FreebsdRecent

6583 matches found

FreeBSD
FreeBSD
•added 2019/06/27 12:0 a.m.•33 views

libzmq4 -- Stack overflow

Fang-Pen Lin reports: A remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running...

9.8CVSS4.1AI score0.42464EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2019/06/23 12:0 a.m.•26 views

bzip2 -- multiple issues

bzip2 developers reports: CVE-2016-3189 - Fix use-after-free in bzip2recover Jakub Martisko CVE-2019-12900 - Detect out-of-range nSelectors in corrupted files Albert Astals Cid. Found through fuzzing karchive...

9.8CVSS1.9AI score0.15685EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/06/22 12:0 a.m.•25 views

bro -- Null pointer dereference and Signed integer overflow

Jon Siwek of Corelight reports: This is a security patch release to address potential Denial of Service vulnerabilities: Null pointer dereference in the RPC analysis code. RPC analyzers e.g. MOUNT or NFS are not enabled in the default configuration. Signed integer overflow in BinPAC-generated...

1.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/21 12:0 a.m.•35 views

powerdns -- multiple vulnerabilities

PowerDNS Team reports: CVE-2019-10162: An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit whe...

7.5CVSS2.6AI score0.01691EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/20 12:0 a.m.•52 views

Mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2019-11708: sandbox escape using Prompt:Open Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When...

10CVSS2.6AI score0.55874EPSS
Exploits10References1
FreeBSD
FreeBSD
•added 2019/06/20 12:0 a.m.•41 views

PostgreSQL -- Stack-based buffer overflow via setting a password

The PostgreSQL project reports: An authenticated user could create a stack-based buffer overflow by changing their own password to a purpose-crafted value. In addition to the ability to crash the PostgreSQL server, this could be further exploited to execute arbitrary code as the PostgreSQL...

9CVSS2.4AI score0.03711EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/20 12:0 a.m.•53 views

Mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2019-11707: Type confusion in Array.pop A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. CVE-2019-11708...

10CVSS1.4AI score0.55874EPSS
Exploits14References1
FreeBSD
FreeBSD
•added 2019/06/19 12:0 a.m.•17 views

expat2 -- Fix extraction of namespace prefixes from XML names

expat project reports: XML names with multiple colons could end up in the wrong namespace, and take a high amount of RAM and CPU resources while processing, opening the door to use for denial-of-service attacks...

1.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/19 12:0 a.m.•34 views

FreeBSD -- Resource exhaustion in non-default RACK TCP stack

Problem Description: While processing acknowledgements, the RACK code uses several linked lists to maintain state entries. A malicious attacker can cause the lists to grow unbounded. This can cause an expensive list traversal on every packet being processed, leading to resource exhaustion and a...

7.8CVSS3.9AI score0.05226EPSS
Exploits1
FreeBSD
FreeBSD
•added 2019/06/18 12:0 a.m.•102 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2019-11707: Type confusion in Array.pop A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw...

8.8CVSS1.9AI score0.37951EPSS
Exploits7References1
FreeBSD
FreeBSD
•added 2019/06/15 12:0 a.m.•152 views

GraphicsMagick -- multiple vulnerabilities

GraphicsMagick News: Read "Security Fixes:" section for details...

2.4AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/13 12:0 a.m.•32 views

asterisk -- Remote crash vulnerability with MESSAGE messages

The Asterisk project reports: A specially crafted SIP in-dialog MESSAGE message can cause Asterisk to crash...

6.5CVSS2.6AI score0.04235EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/13 12:0 a.m.•19 views

znc -- privilege escalation

Mitre reports: Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name...

8.8CVSS6.3AI score0.04127EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/13 12:0 a.m.•28 views

Mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2019-11703: Heap buffer overflow in icalparser.c A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. CVE-2019-11704: Heap buffer...

9.8CVSS2.1AI score0.10527EPSS
Exploits14References1
FreeBSD
FreeBSD
•added 2019/06/11 12:0 a.m.•114 views

Flash Player -- arbitrary code execution

Adobe reports: This update resolves a use-after-free vulnerability that could lead to arbitrary code execution CVE-2019-7845...

8.8CVSS3.1AI score0.05504EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/10 12:0 a.m.•19 views

mybb -- vulnerabilities

mybb Team reports: High risk: Theme import stylesheet name RCE High risk: Nested video MyCode persistent XSS Medium risk: Find Orphaned Attachments reflected XSS Medium risk: Post edit reflected XSS Medium risk: Private Messaging folders SQL injection Low risk: Potential phar deserialization...

1.9AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/04 12:0 a.m.•55 views

phpMyAdmin -- CSRF vulnerability in login form

The phpMyAdmin development team reports: Summary CSRF vulnerability in login form Description A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken tag pointing at the victim's phpMyAdmi...

6.5CVSS7AI score0.19184EPSS
Exploits4References1
FreeBSD
FreeBSD
•added 2019/06/03 12:0 a.m.•118 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Remote Command Execution Vulnerability on Repository Download Feature Confidential Issue Titles Revealed to Restricted Users on Unsubscribe Disclosure of Milestone Metadata through the Search API Private Project Discovery via Comment Links Metadata of Confidential Issues Disclosed...

9.8CVSS2.2AI score0.02644EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/06/03 12:0 a.m.•65 views

Django -- AdminURLFieldWidget XSS

Django security releases issued: The clickable "Current URL" link generated by AdminURLFieldWidget displayed the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickabl...

1.1AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/05/30 12:0 a.m.•21 views

ntp -- Multiple vulnerabilities

nwtime.org reports: Three ntp vulnerabilities, Depending on configuration, may have little impact up to termination of the ntpd process. NTP Bug 3610: Processcontrol should exit earlier on short packets. On systems that override the default and enable ntpdc mode 7 fuzz testing detected that a sho...

0.3AI score
Exploits0
FreeBSD
FreeBSD
•added 2019/05/29 12:0 a.m.•31 views

bro -- Unsafe integer conversions can cause unintentional code paths to be executed

Jon Siwek of Corelight reports: The following Denial of Service vulnerabilities are addressed: Integer type mismatches in BinPAC-generated parser code and Bro analyzer code may allow for crafted packet data to cause unintentional code paths in the analysis logic to be taken due to unsafe integer...

7.5CVSS6.8AI score0.01411EPSS
Exploits1
FreeBSD
FreeBSD
•added 2019/05/27 12:0 a.m.•75 views

Exim -- RCE in deliver_message() function

Exim team and Qualys report: We received a report of a possible remote exploit. Currently there is no evidence of an active use of this exploit. A patch exists already, is being tested, and backported to all versions we released since and including 4.87. The severity depends on your configuration...

10CVSS2.3AI score0.99961EPSS
Exploits27References1
FreeBSD
FreeBSD
•added 2019/05/22 12:0 a.m.•45 views

Vim/NeoVim -- Security vulnerability

Security releases for Vim/NeoVim: Sandbox escape allows for arbitrary code execution...

9.3CVSS3.2AI score0.19111EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2019/05/22 12:0 a.m.•78 views

curl -- multiple vulnerabilities

curl security problems: CVE-2019-5435: Integer overflows in curlurlset libcurl contains two integer overflows in the curlurlset function that if triggered, can lead to a too small buffer allocation and a subsequent heap buffer overflow. The flaws only exist on 32 bit architectures and require...

7.8CVSS0.7AI score0.49739EPSS
Exploits2References3
FreeBSD
FreeBSD
•added 2019/05/21 12:0 a.m.•50 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS CVE-2019-9816: Type confusion with object groups and UnboxedObjects CVE-2019-9817: Stealing of cross-domain images using canvas CVE-2019-9818: Use-after-free in crash generation server...

9.8CVSS0.09393EPSS
Exploits6References3
FreeBSD
FreeBSD
•added 2019/05/20 12:0 a.m.•23 views

vlc -- Double free in Matroska demuxer

The VLC project reports: mkv: Fix potential double free...

9.8CVSS2.7AI score0.02392EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/05/17 12:0 a.m.•45 views

Payara -- A Polymorphic Typing issue in FasterXML jackson-databind

Payara Releases reports: The following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases: CVE-2019-12086 A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9...

7.5CVSS2.6AI score0.21949EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2019/05/14 12:0 a.m.•33 views

FreeBSD -- ICMP/ICMP6 packet filter bypass in pf

Problem Description: States in pf4 let ICMP and ICMP6 packets pass if they have a packet in their payload matching an existing condition. pf4 does not check if the outer ICMP or ICMP6 packet has the same destination IP as the source IP of the inner protocol packet. Impact: A maliciously crafted...

7.5CVSS1.2AI score0.03339EPSS
Exploits1
FreeBSD
FreeBSD
•added 2019/05/14 12:0 a.m.•59 views

FreeBSD -- Microarchitectural Data Sampling (MDS)

Problem Description: On some Intel processors utilizing speculative execution a local process may be able to infer stale information from microarchitectural buffers to obtain a memory disclosure. Impact: An attacker may be able to read secret data from the kernel or from a process when executing...

9CVSS3.3AI score0.04335EPSS
Exploits0
FreeBSD
FreeBSD
•added 2019/05/14 12:0 a.m.•35 views

FreeBSD -- IPv6 fragment reassembly panic in pf(4)

Problem Description: A bug in the pf4 IPv6 fragment reassembly logic incorrectly uses the last extension header offset from the last received packet instead of from the first packet. Impact: Malicious IPv6 packets with different IPv6 extensions could cause a kernel panic or potentially a filterin...

9.1CVSS2.7AI score0.03628EPSS
Exploits1
FreeBSD
FreeBSD
•added 2019/05/14 12:0 a.m.•55 views

samba -- multiple vulnerabilities

The samba project reports: The checksum validation in the S4U2Self handler in the embedded Heimdal KDC did not first confirm that the checksum was keyed, allowing replacement of the requested target client principal Authenticated users with write permission can trigger a symlink traversal to writ...

7.5CVSS2.6AI score0.03392EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/05/14 12:0 a.m.•55 views

Flash Player -- arbitrary code execution

Adobe reports: This update resolves a use-after-free vulnerability that could lead to arbitrary code execution CVE-2019-7837...

9.3CVSS3.1AI score0.09732EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/05/09 12:0 a.m.•42 views

sqlite3 -- use after free

MITRE reports: An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigg...

8.1CVSS4.3AI score0.06683EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/05/09 12:0 a.m.•46 views

PostgreSQL -- Selectivity estimators bypass row security policies

The PostgreSQL project reports: PostgreSQL maintains statistics for tables by sampling data available in columns; this data is consulted during the query planning process. Prior to this release, a user able to execute SQL queries with permissions to read a given column could craft a leaky operato...

4.3CVSS1.2AI score0.01085EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/05/09 12:0 a.m.•30 views

chromium -- use after free

Google Chrome Releases reports: 961413 High CVE-2019-5842: Use-after-free in Blink. Reported by BUGFENSE Anonymous Bug Bounties https://bugfense.io on 2019-05-09...

6.5CVSS7.6AI score0.00744EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/05/09 12:0 a.m.•35 views

Rust -- violation of Rust's safety guarantees

Sean McArthur reports: The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the Error::typeid method is overridden then any type can be safely cast to any other typ...

8.1CVSS2.2AI score0.02216EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/05/09 12:0 a.m.•55 views

PostgreSQL -- Memory disclosure in partition routing

The PostgreSQL project reports: Prior to this release, a user running PostgreSQL 11 can read arbitrary bytes of server memory by executing a purpose-crafted INSERT statement to a partitioned table...

6.5CVSS2AI score0.01633EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/05/08 12:0 a.m.•36 views

drupal -- Drupal core - Moderately critical

Drupal Security Team reports: CVE-2019-11831: By-passing protection of Phar Stream Wrapper Interceptor. In order to intercept file invocations like fileexists or stat on compromised Phar archives the base name has to be determined and checked before allowing to be handled by PHP Phar stream...

9.8CVSS0.7AI score0.05586EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/05/07 12:0 a.m.•26 views

buildbot -- OAuth Authentication Vulnerability

Buildbot accepted user-submitted authorization token from OAuth and used it to authenticate user. The vulnerability can lead to malicious attackers to authenticate as legitimate users of a Buildbot instance without knowledge of the victim's login credentials on certain scenarios. If an attacker h...

9.8CVSS4.4AI score0.01825EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2019/05/01 12:0 a.m.•26 views

serendipity -- XSS

MITRE: Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/mediachoose.tpl Editor Preview feature or the templates/2k11/admin/mediaitems.tpl Media Library feature...

6.1CVSS2.8AI score0.01293EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/04/30 12:0 a.m.•32 views

Gitlab -- Information Disclosure

Gitlab reports: Information Disclosure with Limited Scope Token...

7.5CVSS0.8AI score0.01163EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/04/29 12:0 a.m.•48 views

Gitlab -- Multiple vulnerabilities

Gitlab reports: Moving an Issue to Private Repo Leaks Project Namespace Notification Emails Sent to Restricted Users Unauthorized Comments on Confidential Issues Merge Request Approval Count Inflation Unsanitized Branch Names on New Merge Request Notification Emails Improper Sanitation of...

6.5CVSS3.5AI score0.01322EPSS
Exploits6References1
FreeBSD
FreeBSD
•added 2019/04/23 12:0 a.m.•67 views

mediawiki -- multiple vulnerabilities

Mediawiki reports: Security fixes: T197279, CVE-2019-12468: Directly POSTing to Special:ChangeEmail would allow for bypassing reauthentication, allowing for potential account takeover. T204729, CVE-2019-12473: Passing invalid titles to the API could cause a DoS by querying the entire watchlist...

9.8CVSS1.5AI score0.87218EPSS
Exploits4References1
FreeBSD
FreeBSD
•added 2019/04/21 12:0 a.m.•22 views

gitea -- multiple vulnerabilities

Gitea Team reports: This release contains two new security fixes which cannot be backported to the 1.7.0 branch, so it is recommended to update to this version...

3.6AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/04/19 12:0 a.m.•79 views

cyrus-imapd -- buffer overrun in httpd

Cyrus IMAP 3.0.10 Release Notes states: Fixed CVE-2019-11356: buffer overrun in httpd...

9.8CVSS1.2AI score0.07622EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/04/19 12:0 a.m.•27 views

www/varnish7 -- Denial of Service

The Varnish Development Team reports: A denial of service attack can be performed on Varnish Cacher servers that have the HTTP/2 protocol turned on. An attacker can let the servers HTTP/2 connection control flow window run out of credits indefinitely and prevent progress in the processing of...

7.5CVSS6.8AI score0.70595EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2019/04/18 12:0 a.m.•15 views

FreeBSD -- EAP-pwd message reassembly issue with unexpected fragment

Problem Description: EAP-pwd implementation in hostapd EAP server and wpasupplicant EAP peer does not to validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to NULL pointer dereference. See...

0.4AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2019/04/17 12:0 a.m.•40 views

drupal -- Drupal core - Moderately critical

Drupal Security Team reports: CVE-2019-10909: Escape validation messages in the PHP templating engine. CVE-2019-10910: Check service IDs are valid. CVE-2019-10911: Add a separator in the remember me cookie hash. jQuery 3.4.0 includes a fix for some unintended behavior when using jQuery.extendtrue...

9.8CVSS1.2AI score0.0595EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2019/04/13 12:0 a.m.•38 views

Dovecot -- improper input validation

Aki Tuomi reports: Vulnerability Details: IMAP and ManageSieve protocol parsers do not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes. Risk: This vulnerability allows for out-of-bounds writes to objects stored on the heap up to 8096 byte...

9.8CVSS2.8AI score0.62579EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2019/04/13 12:0 a.m.•14 views

gitea -- remote code execution

The Gitea team reports: Prevent remote code execution vulnerability with mirror repo URL settings...

2.6AI score
Exploits0References1
Total number of security vulnerabilities6583