Lucene search
K
FreebsdRecent

6583 matches found

FreeBSD
FreeBSD
•added 2018/06/13 12:0 a.m.•41 views

botan2 -- ECDSA side channel

botan2 developers report: A side channel in the ECDSA signature operation could allow a local attacker to recover the secret key. Found by Keegan Ryan of NCC Group. Bug introduced in 2.5.0, fixed in 2.7.0. The 1.10 branch is not affected...

5.9CVSS4.1AI score0.00499EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2018/06/12 12:0 a.m.•62 views

OpenSSL -- Client DoS due to large DH parameter

The OpenSSL project reports: During key agreement in a TLS handshake using a DHE based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until...

7.5CVSS0.9AI score0.49268EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/06/12 12:0 a.m.•28 views

node.js -- multiple vulnerabilities

Node.js reports: Denial of Service Vulnerability in HTTP/2 CVE-2018-7161 All versions of 8.x and later are vulnerable and the severity is HIGH. An attacker can cause a denial of service DoS by causing a node server providing an http2 server to crash. This can be accomplished by interacting with t...

7.8CVSS0.7AI score0.10782EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2018/06/11 12:0 a.m.•36 views

asterisk -- PJSIP endpoint presence disclosure when using ACL

The Asterisk project reports: When endpoint specific ACL rules block a SIP request they respond with a 403 forbidden. However, if an endpoint is not identified then a 401 unauthorized response is sent. This vulnerability just discloses which requests hit a defined endpoint. The ACL rules cannot b...

1.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/06/11 12:0 a.m.•18 views

asterisk -- Infinite loop when reading iostreams

The Asterisk project reports: When connected to Asterisk via TCP/TLS if the client abruptly disconnects, or sends a specially crafted message then Asterisk gets caught in an infinite loop while trying to read the data stream. Thus rendering the system as unusable...

1.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/06/09 12:0 a.m.•46 views

sinatra -- XSS vulnerability

Sinatra blog: Sinatra had a critical vulnerability since v2.0.0. The purpose of this release is to fix CVE-2018-11627. The vulnerability is that XSS can be executed by using illegal parameters...

6.1CVSS4.1AI score0.02212EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2018/06/07 12:0 a.m.•41 views

gnupg -- unsanitized output (CVE-2018-12020)

GnuPG reports: GnuPG did not sanitize input file names, which may then be output to the terminal. This could allow terminal control sequences or fake status messages to be injected into the output...

7.5CVSS1.6AI score0.08654EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2018/06/07 12:0 a.m.•39 views

Flash Player -- multiple vulnerabilities

Adobe reports: This update resolves a type confusion vulnerability that could lead to arbitrary code execution CVE-2018-4945. This update resolves an integer overflow vulnerability that could lead to information disclosure CVE-2018-5000. This update resolves an out-of-bounds read vulnerability th...

10CVSS3.1AI score0.25353EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/06/06 12:0 a.m.•14 views

firefox -- Heap buffer overflow rasterizing paths in SVG with Skia

The Mozilla Foundation reports: A heap buffer overflow can occur in the Skia library when rasterizing paths using a maliciously crafted SVG file with anti-aliasing turned off. This results in a potentially exploitable crash...

2.2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/06/06 12:0 a.m.•30 views

chromium -- Incorrect handling of CSP header

Google Chrome Releases reports: 1 security fix contributed by external researchers: 845961 High CVE-2018-6148: Incorrect handling of CSP header. Reported by Michal Bentkowski on 2018-05-23...

6.5CVSS2.8AI score0.00704EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/06/06 12:0 a.m.•38 views

vlc -- Use after free vulnerability

Mitre reports: VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...

8CVSS4.2AI score0.40612EPSS
Exploits10References5
FreeBSD
FreeBSD
•added 2018/06/05 12:0 a.m.•30 views

couchdb -- administrator privilege escalation

Apache CouchDB PMC reports: Database Administrator could achieve privilege escalation to the account that CouchDB runs under, by abusing insufficient validation in the HTTP API, escaping security controls implemented in previous releases...

9CVSS1.9AI score0.08153EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/06/01 12:0 a.m.•26 views

h2o -- heap buffer overflow during logging

Marlies Ruck reports: Fix heap buffer overflow while trying to emit access log - see references for full details. CVE-2018-0608: Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service DoS via unspecified vectors...

9.8CVSS6.8AI score0.03815EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2018/05/30 12:0 a.m.•22 views

slurm -- insecure handling of user_name and gid fields

SchedMD reports: Insecure handling of username and gid fields CVE-2018-10995 While fixes are only available for the supported 17.02 and 17.11 releases, it is believed that similar vulnerabilities do affect past versions as well. The only resolution is to upgrade Slurm to a fixed release...

5.3CVSS2AI score0.01739EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/05/29 12:0 a.m.•14 views

Gitlab -- multiple vulnerabilities

GitLab reports: Removing public deploy keys regression Users can update their password without entering current password Persistent XSS - Selecting users as allowed merge request approvers Persistent XSS - Multiple locations of user selection drop downs include directive in .gitlab-ci.yml allows...

2.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/05/29 12:0 a.m.•39 views

Git -- Fix memory out-of-bounds and remote code execution vulnerabilities (CVE-2018-11233 and CVE-2018-11235)

The Git community reports: In affected versions of Git, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory. In affected versions of Git, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machin...

7.8CVSS3.2AI score0.49188EPSS
Exploits10References2
FreeBSD
FreeBSD
•added 2018/05/29 12:0 a.m.•47 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 34 security fixes in this release, including: 835639 High CVE-2018-6123: Use after free in Blink. Reported by Looben Yang on 2018-04-22 840320 High CVE-2018-6124: Type confusion in Blink. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2018-05-07 818592 High...

9.6CVSS8.3AI score0.07666EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2018/05/29 12:0 a.m.•12 views

bro -- multiple memory allocation issues

Corelight reports: Bro 2.5.4 primarily fixes security issues Multiple fixes and improvements to BinPAC generated code related to array parsing, with potential impact to all Bro's BinPAC-generated analyzers in the form of buffer over-reads or other invalid memory accesses depending on whether a...

1.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/05/29 12:0 a.m.•40 views

Libgit2 -- Fixing insufficient validation of submodule names

The Git community reports: Insufficient validation of submodule names...

7.8CVSS2.3AI score0.49188EPSS
Exploits10References1
FreeBSD
FreeBSD
•added 2018/05/28 12:0 a.m.•34 views

taglib -- heap-based buffer over-read via a crafted audio file

Webin security lab - dbapp security Ltd reports: The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file...

6.5CVSS5.1AI score0.02847EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2018/05/26 12:0 a.m.•12 views

lizard -- Negative size passed to memcpy resulting in memory corruption

[email protected] reports: In Lizard v1.0 and LZ5 v2.0 the prior release, before the product was renamed, there is an unchecked buffer size during a memcpy in the LizarddecompressLIZv1 function lib/lizarddecompressliz.h. Remote attackers can leverage this vulnerability to cause a denial of service vi...

7.8CVSS7.1AI score0.02013EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/05/18 12:0 a.m.•37 views

BIND -- multiple vulnerabilities

ISC reports: An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. A problem with the implementation of the new serve-stale feature in BIND 9.12 can lea...

2AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2018/05/16 12:0 a.m.•31 views

strongswan -- Fix Denial-of-Service Vulnerability strongSwan (CVE-2018-10811, CVE-2018-5388)

strongSwan security team reports: A denial-of-service vulnerability in the IKEv2 key derivation was fixed if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF which is not FIPS-compliant. So this should only affect very specific setups, but in such configurations all...

7.5CVSS4.4AI score0.07124EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2018/05/16 12:0 a.m.•49 views

cURL -- multiple vulnerabilities

cURL security problems: CVE-2018-1000300: FTP shutdown response buffer overflow curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies. When doing FTP transfers, curl keeps a spare "closure handle" around internally that will be us...

9.8CVSS0.4AI score0.06003EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2018/05/09 12:0 a.m.•42 views

wavpack -- multiple vulnerabilities

Sebastian Ramacher reports: A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file. The...

7.8CVSS4AI score0.09905EPSS
Exploits9References2
FreeBSD
FreeBSD
•added 2018/05/09 12:0 a.m.•17 views

jenkins -- multiple vulnerabilities

Jenkins developers report: The agent to master security subsystem ensures that the Jenkins master is protected from maliciously configured agents. A path traversal vulnerability allowed agents to escape whitelisted directories to read and write to files they should not be able to access. Black Du...

2.4AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/05/09 12:0 a.m.•62 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2018-5183: Backport critical security fixes in Skia CVE-2018-5154: Use-after-free with SVG animations and clip paths CVE-2018-5155: Use-after-free with SVG animations and text paths CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files...

10CVSS9AI score0.21288EPSS
Exploits6References2
FreeBSD
FreeBSD
•added 2018/05/08 12:0 a.m.•66 views

FreeBSD -- Mishandling of x86 debug exceptions

Problem Description: The MOV SS and POP SS instructions inhibit debug exceptions until the instruction boundary following the next instruction. If that instruction is a system call or similar instruction that transfers control to the operating system, the debug exception will be handled in the...

7.8CVSS1AI score0.18262EPSS
Exploits9
FreeBSD
FreeBSD
•added 2018/05/08 12:0 a.m.•30 views

Flash Player -- arbitrary code execution

Adobe reports: This update resolves a type confusion vulnerability that could lead to arbitrary code execution CVE-2018-4944...

10CVSS3.4AI score0.08991EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/05/04 12:0 a.m.•12 views

KWallet-PAM -- Access to privileged files

The KDE Community reports: kwallet-pam was doing file writing and permission changing as root that with correct timing and use of carefully crafted symbolic links could allow a non privileged user to become the owner of any file on the system...

2.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/05/02 12:0 a.m.•34 views

p7zip -- usage of uninitialized memory

NVD reports: Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service segmentation fault or execute arbitrary code via a crafted RAR archive...

7.8CVSS7.3AI score0.04666EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2018/05/01 12:0 a.m.•44 views

python 2.7 -- multiple vulnerabilities

python release notes: Multiple vulnerabilities has been fixed in this release. Please refer to the CVE list for details...

9.8CVSS1.9AI score0.13335EPSS
Exploits5References2
FreeBSD
FreeBSD
•added 2018/05/01 12:0 a.m.•16 views

gitea -- TOTP passcode reuse

The Gitea project reports: TOTP passcodes can be reused...

0.9AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/30 12:0 a.m.•33 views

Gitlab -- multiple vulnerabilities

GitLab reports: Persistent XSS in Move Issue using project namespace Download Archive allowing unauthorized private repo access Mattermost Updates...

6.1CVSS4.2AI score0.00888EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/26 12:0 a.m.•12 views

lrzsz -- Integer overflow in zmodem, crash and information leak

[email protected] reports: Lrzsz has an integer overflow vulernability in the src/zm.c:zsdata function. An attacker could exploit this with the sz command to cause a crash or potentially leak information to the receiving server...

7.1CVSS7.1AI score0.00391EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/26 12:0 a.m.•33 views

wget -- cookie injection vulnerability

Harry Sintonen of F-Secure Corporation reports: GNU Wget is susceptible to a malicious web server injecting arbitrary cookies to the cookie jar file...

6.5CVSS1.4AI score0.17249EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2018/04/25 12:0 a.m.•15 views

drupal -- Drupal Core - Multiple Vulnerabilities

Drupal Security Team reports: A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to...

4AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/24 12:0 a.m.•14 views

quassel -- multiple vulnerabilities

Gentoo reports: quasselcore: corruption of heap metadata caused by qdatastream leading to preauth remote code execution. Severity: high, by default the server port is publicly open and the address can be requested using the /WHOIS command of IRC protocol. Description: In Qdatastream protocol each...

0.9AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2018/04/18 12:0 a.m.•14 views

drupal -- Drupal core - Moderately critical

The Drupal security team reports: CKEditor, a third-party JavaScript library included in Drupal core, has fixed a cross-site scripting XSS vulnerability. The vulnerability stemmed from the fact that it was possible to execute XSS inside CKEditor when using the image2 plugin which Drupal 8 core al...

1.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/17 12:0 a.m.•17 views

phpmyadmin -- CSRF vulnerability allowing arbitrary SQL execution

The phpMyAdmin development team reports: Summary CSRF vulnerability allowing arbitrary SQL execution Description By deceiving a user to click on a crafted URL, it is possible for an attacker to execute arbitrary SQL commands. Severity We consider this vulnerability to be critical...

4AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/17 12:0 a.m.•53 views

MySQL -- multiple vulnerabilities

Oracle reports: MySQL Multiple Flaws Let Remote Authenticated Users Access and Modify Data, Remote and Local Users Deny Service, and Local Users Access Data and Gain Elevated Privileges A local user can exploit a flaw in the Replication component to gain elevated privileges CVE-2018-2755. A remot...

7.7CVSS2.1AI score0.0401EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/16 12:0 a.m.•48 views

OpenSSL -- Cache timing vulnerability

The OpenSSL project reports: The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key...

5.9CVSS4.3AI score0.12046EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/16 12:0 a.m.•36 views

patch -- multiple vulnerabilities

NVD reports: An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuitdifftype function in pch.c, aka a "mangled rename" issue. A double free exists in the anotherhunk function in pch...

9.3CVSS7.3AI score0.08585EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2018/04/14 12:0 a.m.•36 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 4 security fixes in this release: 835887 Critical: Chain leading to sandbox escape. Reported by Anonymous on 2018-04-23 836858 High CVE-2018-6121: Privilege Escalation in extensions 836141 High CVE-2018-6122: Type confusion in V8 833721 High CVE-2018-6120: Heap...

8.8CVSS1.6AI score0.02422EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/14 12:0 a.m.•36 views

perl -- multiple vulnerabilities

perldelta: CVE-2018-6797: heap-buffer-overflow WRITE of size 1 in Sregatom regcomp.c A crafted regular expression could cause a heap buffer write overflow, with control over the bytes written. perl 132227 CVE-2018-6798: Heap-buffer-overflow in Perlbytedumpstring utf8.c Matching a crafted locale...

9.8CVSS1.5AI score0.10866EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2018/04/12 12:0 a.m.•36 views

chromium -- vulnerability

Google Chrome Releases reports: 3 security fixes in this release: 831963 Critical CVE-2018-6118: Use after free in Media Cache. Reported by Ned Williamson on 2018-04-12 837635 Various fixes from internal audits, fuzzing and other initiatives...

8.8CVSS2AI score0.01495EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/11 12:0 a.m.•34 views

roundcube -- IMAP command injection vulnerability

Upstream reports: This update primarily fixes a recently discovered IMAP-cmd-injection vulnerability caused by insufficient input validation within the archive plugin. Details about the vulnerability are published under CVE-2018-9846...

8.8CVSS2.2AI score0.02289EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/11 12:0 a.m.•11 views

jenkins -- multiple vulnerabilities

Jenkins developers report: The Jenkins CLI sent different error responses for commands with view and agent arguments depending on the existence of the specified views or agents to unauthorized users. This allowed attackers to determine whether views or agents with specified names exist. The Jenki...

2.7AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2018/04/10 12:0 a.m.•32 views

Flash Player -- multiple vulnerabilities

Adobe reports: This update resolves a use-after-free vulnerability that could lead to remote code execution CVE-2018-4932. This update resolves out-of-bounds read vulnerabilities that could lead to information disclosure CVE-2018-4933, CVE-2018-4934. This update resolves out-of-bounds write...

9.3CVSS1.6AI score0.29073EPSS
Exploits8References1
FreeBSD
FreeBSD
•added 2018/04/04 12:0 a.m.•44 views

nghttp2 -- Denial of service due to NULL pointer dereference

nghttp2 blog: If ALTSVC frame is received by libnghttp2 and it is larger than it can accept, the pointer field which points to ALTSVC frame payload is left NULL. Later libnghttp2 attempts to access another field through the pointer, and gets segmentation fault. ALTSVC frame is defined by RFC 7838...

7.5CVSS2AI score0.10782EPSS
Exploits0References1
Total number of security vulnerabilities6583