Lucene search
K
FreebsdRecent

6585 matches found

FreeBSD
FreeBSD
•added 2017/06/07 12:0 a.m.•12 views

GnuTLS -- Denial of service vulnerability

The GnuTLS project reports: It was found using the TLS fuzzer tools that decoding a status response TLS extension with valid contents could lead to a crash due to a null pointer dereference. The issue affects GnuTLS server applications...

1.9AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/06/06 12:0 a.m.•27 views

irssi -- remote DoS

Joseph Bisch reports: When receiving a DCC message without source nick/host, Irssi would attempt to dereference a NULL pointer. When receiving certain incorrectly quoted DCC files, Irssi would try to find the terminating quote one byte before the allocated memory...

2.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/06/05 12:0 a.m.•33 views

chromium -- multiple vulnerabilities

Google Chrome releases reports: 30 security fixes in this release Please reference CVE/URL list for details...

8.8CVSS7.1AI score0.31212EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2017/06/03 12:0 a.m.•30 views

python -- possible integer overflow vulnerability

Python issue: There is a possible integer overflow in PyStringDecodeEscape function of the file stringobject.c, which can be abused to gain a heap overflow, possibly leading to arbitrary code execution...

9.8CVSS9.7AI score0.07944EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2017/05/30 12:0 a.m.•33 views

strongswan -- Denial-of-service vulnerability in the x509 plugin

strongSwan security team reports: ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when parsing X.509 certificates with extensions that use such types. This could lead to infinite looping of the thread parsing a specifically crafted certificate...

7.5CVSS1.3AI score0.02222EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/05/30 12:0 a.m.•31 views

strongswan -- multiple vulnerabilities

strongSwan security team reports: RSA public keys passed to the gmp plugin aren't validated sufficiently before attempting signature verification, so that invalid input might lead to a floating point exception. CVE-2017-9022 ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when...

7.5CVSS0.5AI score0.02222EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2017/05/24 12:0 a.m.•74 views

samba -- remote code execution vulnerability

The samba project reports: Remote code execution from a writable share. All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it...

10CVSS6.1AI score0.99448EPSS
Exploits24References1
FreeBSD
FreeBSD
•added 2017/05/23 12:0 a.m.•8 views

vlc -- remote code execution via crafted subtitles

Check Point research team reports: Remote code execution via crafted subtitles...

3.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/05/23 12:0 a.m.•27 views

libsndfile -- out-of-bounds read memory access

Laurent Delosieres, Secunia Research at Flexera Software reports: Secunia Research has discovered a vulnerability in libsndfile, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an error in the "aiffreadchanmap" function...

8.8CVSS8.2AI score0.02485EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2017/05/21 12:0 a.m.•27 views

SquirrelMail -- post-authentication access privileges

Florian Grunow reports: An attacker able to exploit this vulnerability can extract files of the server the application is running on. This may include configuration files, log files and additionally all files that are readable for all users on the system. This issue is post-authentication. That...

8.8CVSS8.4AI score0.04451EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2017/05/21 12:0 a.m.•25 views

adns -- multiple vulnerabilities

Ian Jackson and the adns project reports: Vulnerable applications: all adns callers. Exploitable by: the local recursive resolver. Likely worst case: Remote code execution. Vulnerable applications: those that make SOA queries. Exploitable by: upstream DNS data sources. Likely worst case: DoS cras...

9.8CVSS3.8AI score0.03603EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/05/19 12:0 a.m.•16 views

duo -- Two-factor authentication bypass

The duo security team reports: An untrusted user may be able to set the httpproxy variable to an invalid address. If this happens, this will trigger the configured 'failmode' behavior, which defaults to safe. Safe mode causes the authentication to report a success...

1.4AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/05/19 12:0 a.m.•46 views

OpenVPN -- several vulnerabilities

Samuli Seppänen reports: In May/June 2017 Guido Vranken threw a fuzzer at OpenVPN 2.4.2. In the process he found several vulnerabilities and reported them to the OpenVPN project. ... The first releases to have these fixes are OpenVPN 2.4.3 and 2.3.17. This is a list of fixed important...

9.8CVSS2.7AI score0.05539EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/05/18 12:0 a.m.•176 views

Dropbear -- two vulnerabilities

Matt Johnston reports: Fix double-free in server TCP listener cleanup A double-free in the server could be triggered by an authenticated user if dropbear is running with -a Allow connections to forwarded ports from any host This could potentially allow arbitrary code execution as root by an...

2.5AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/05/17 12:0 a.m.•30 views

freetype2 -- buffer overflows

Werner Lemberg reports: CVE-2017-8105, CVE-2017-8287: Older FreeType versions have out-of-bounds writes caused by heap-based buffer overflows related to Type 1 fonts...

9.8CVSS4AI score0.04188EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/05/16 12:0 a.m.•22 views

Wordpress -- multiple vulnerabilities

WordPress versions 4.7.4 and earlier are affected by six security issues Insufficient redirect validation in the HTTP class. Improper handling of post meta data values in the XML-RPC API. Lack of capability checks for post meta data in the XML-RPC API. A Cross Site Request Forgery CRSF...

1.6AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/05/15 12:0 a.m.•27 views

NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler

NVIDIA Unix security team reports: NVIDIA GPU Display Driver contains vulnerabilities in the kernel mode layer handler where not correctly validated user input, NULL pointer dereference, and incorrect access control may lead to denial of service or potential escalation of privileges...

7.8CVSS7.6AI score0.00381EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/05/11 12:0 a.m.•47 views

Joomla3 -- SQL Injection

JSST reports: Inadequate filtering of request data leads to a SQL Injection vulnerability...

9.8CVSS1.9AI score0.99826EPSS
Exploits21References1
FreeBSD
FreeBSD
•added 2017/05/11 12:0 a.m.•77 views

PostgreSQL vulnerabilities

The PostgreSQL project reports: Security Fixes nested CASE expressions + database and role names with embedded special characters CVE-2017-7484: selectivity estimators bypass SELECT privilege checks. CVE-2017-7485: libpq ignores PGREQUIRESSL environment variable CVE-2017-7486: pgusermappings view...

8.3CVSS4.3AI score0.06331EPSS
Exploits0
FreeBSD
FreeBSD
•added 2017/05/10 12:0 a.m.•40 views

kauth: Local privilege escalation

Albert Astals Cid reports: KAuth contains a logic flaw in which the service invoking dbus is not properly checked. This allows spoofing the identity of the caller and with some carefully crafted calls can lead to gaining root from an unprivileged account...

7.8CVSS4.4AI score0.01805EPSS
Exploits3References2
FreeBSD
FreeBSD
•added 2017/05/10 12:0 a.m.•53 views

libxml2 -- Multiple Issues

libxml2 developers report: The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service buffer over-read or information disclosure. A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent i...

7.5CVSS7.4AI score0.07347EPSS
Exploits5References6
FreeBSD
FreeBSD
•added 2017/05/10 12:0 a.m.•65 views

OpenVPN -- two remote denial-of-service vulnerabilities

Samuli Seppänen reports: OpenVPN v2.4.0 was audited for security vulnerabilities independently by Quarkslabs funded by OSTIF and Cryptography Engineering funded by Private Internet Access between December 2016 and April 2017. The primary findings were two remote denial-of-service vulnerabilities...

7.5CVSS2.2AI score0.13892EPSS
Exploits2References4
FreeBSD
FreeBSD
•added 2017/05/09 12:0 a.m.•40 views

ansible -- Input validation flaw in jinja2 templating system

RedHat security team reports: An input validation flaw was found in Ansible, where it fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup calls, they could inject Unicode strings to be parsed by the jinja2 templating system, result in code...

9.8CVSS3.3AI score0.04804EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2017/05/09 12:0 a.m.•36 views

miniupnpc -- integer signedness error

Tintinweb reports: An integer signedness error was found in miniupnp's miniwget allowing an unauthenticated remote entity typically located on the local network segment to trigger a heap corruption or an access violation in miniupnp's http response parser when processing a specially crafted...

9.8CVSS0.8AI score0.24027EPSS
Exploits6References1
FreeBSD
FreeBSD
•added 2017/05/08 12:0 a.m.•22 views

gitlab -- Various security issues

GitLab reports: Please reference CVE/URL list for details...

1AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/05/02 12:0 a.m.•28 views

chromium -- race condition vulnerability

Google Chrome Releases reports: 1 security fix in this release: 679306 High CVE-2017-5068: Race condition in WebRTC. Credit to Philipp Hancke...

7.5CVSS8.2AI score0.01019EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/04/30 12:0 a.m.•24 views

libmad -- multiple vulnerabilities

National Vulnerability Database: CVE-2017-8372: The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file. CVE-2017-8373: The madlayerIII function ...

7.8CVSS5.5AI score0.02538EPSS
Exploits3References7
FreeBSD
FreeBSD
•added 2017/04/29 12:0 a.m.•17 views

libetpan -- null dereference vulnerability in MIME parsing component

rwhitworth reports: I was using American Fuzzy Lop afl-fuzz to fuzz input to the mime-parse test program. Is fixing these crashes something you're interested in? The input files can be found here: https://github.com/rwhitworth/libetpan-fuzz/. The files can be executed as ./mime-parse idfilename t...

7.5CVSS1.1AI score0.01836EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/04/28 12:0 a.m.•33 views

roundcube -- arbitrary password resets

Roundcube reports: Roundcube Webmail allows arbitrary password resets by authenticated users. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin...

8.8CVSS4.8AI score0.03471EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2017/04/27 12:0 a.m.•24 views

FreeBSD -- ipfilter(4) fragment handling panic

Problem Description: ipfilter4, capable of stateful packet inspection, using the "keep state" or "keep frags" rule options, will not only maintain the state of connections, such as TCP streams or UDP communication, it also maintains the state of fragmented packets. When a packet fragments are...

7.8CVSS7.4AI score0.02666EPSS
Exploits0
FreeBSD
FreeBSD
•added 2017/04/27 12:0 a.m.•28 views

LibreSSL -- TLS verification vulnerability

Jakub Jirutka reports: LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSLgetverifyresult is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx...

5.3CVSS1.9AI score0.01021EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2017/04/26 12:0 a.m.•88 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description SECURITY-412 through SECURITY-420 / CVE-2017-1000356 CSRF: Multiple vulnerabilities SECURITY-429 / CVE-2017-1000353 CLI: Unauthenticated remote code execution SECURITY-466 / CVE-2017-1000354 CLI: Login command allowed impersonating any Jenkins user...

9.8CVSS8.1AI score0.99686EPSS
Exploits39References1
FreeBSD
FreeBSD
•added 2017/04/23 12:0 a.m.•35 views

weechat -- multiple vulnerabilities

Common Vulnerabilities and Exposures: WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the ircctcpdccfilenamewithoutquotes function during quote removal, with a buffer overflow...

7.5CVSS4.9AI score0.03107EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/04/19 12:0 a.m.•29 views

SquirrelMail -- post-authentication remote code execution

SquirrelMail developers report: SquirrelMail 1.4.22 and other versions before 201704270200-SVN allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote...

9CVSS7.1AI score0.32156EPSS
Exploits7References1
FreeBSD
FreeBSD
•added 2017/04/19 12:0 a.m.•19 views

drupal8 -- Drupal Core - Critical - Access Bypass

Drupal Security Team Reports: CVE-2017-6919: Access bypass...

7.5CVSS1.9AI score0.01606EPSS
Exploits1
FreeBSD
FreeBSD
•added 2017/04/19 12:0 a.m.•34 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 29 security fixes in this release, including: 695826 High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360 694382 High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani 684684 High CVE-2017-5059: Type...

8.8CVSS8AI score0.03362EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2017/04/19 12:0 a.m.•37 views

graphite2 -- out-of-bounds write with malicious font

Mozilla Foundation reports: An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products...

8.8CVSS9.3AI score0.02414EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/04/19 12:0 a.m.•42 views

cURL -- TLS session resumption client cert bypass (again)

cURL security advisory: libcurl would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resume, and may instead use the old identity which was established by the...

7.5CVSS0.2AI score0.15063EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/04/19 12:0 a.m.•66 views

MySQL -- multiple vulnerabilities

Oracle reports: This Critical Patch Update contains 39 new security fixes for Oracle MySQL. 11 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials...

7.8CVSS7.2AI score0.89924EPSS
Exploits8References1
FreeBSD
FreeBSD
•added 2017/04/19 12:0 a.m.•54 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: Please reference CVE/URL list for details...

9.8CVSS8AI score0.18756EPSS
Exploits26References3
FreeBSD
FreeBSD
•added 2017/04/16 12:0 a.m.•29 views

raptor2 -- buffer overflow

CVE MITRE reports: raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptorqnameformatasxml...

7.1CVSS3AI score0.03079EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2017/04/13 12:0 a.m.•15 views

asterisk -- Memory exhaustion on short SCCP packets

The Asterisk project reports: A remote memory exhaustion can be triggered by sending an SCCP packet to Asterisk system with "chanskinny" enabled that is larger than the length of the SCCP header but smaller than the packet length specified in the header. The loop that reads the rest of the packet...

0.9AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/04/13 12:0 a.m.•23 views

osip -- Improper Restriction of Operations within the Bounds of a Memory Buffer

osip developers reports: In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msgosipbodyparse function defined in osipparser2/osipmessageparse.c, resulting in a remote DoS...

7.5CVSS2.7AI score0.02462EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2017/04/13 12:0 a.m.•32 views

heimdal -- bypass of capath policy

Viktor Dukhovni reports: Commit f469fc6 2010-10-02 inadvertently caused the previous hop realm to not be added to the transit path of issued tickets. This may, in some cases, enable bypass of capath policy in Heimdal versions 1.5 through 7.2. Note, this may break sites that rely on the bug. With...

7.5CVSS7.8AI score0.01759EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/04/12 12:0 a.m.•42 views

libsndfile -- multiple vulnerabilities

Agostino Sarubbo, Gentoo reports: CVE-2017-8361 Medium: The flacbuffercopy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file. CVE-2017-8362 Medium: T...

9.8CVSS8.5AI score0.03978EPSS
Exploits0References15
FreeBSD
FreeBSD
•added 2017/04/12 12:0 a.m.•24 views

asterisk -- Buffer Overrun in PJSIP transaction layer

The Asterisk project reports: A remote crash can be triggered by sending a SIP packet to Asterisk with a specially crafted CSeq header and a Via header with no branch parameter. The issue is that the PJSIP RFC 2543 transaction key generation algorithm does not allocate a large enough buffer. By...

2.1AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2017/04/12 12:0 a.m.•44 views

FreeBSD -- Multiple vulnerabilities of ntp

Problem Description: A vulnerability was discovered in the NTP server's parsing of configuration directives. CVE-2017-6464 A vulnerability was found in NTP, in the parsing of packets from the DPTS Clock. CVE-2017-6462 A vulnerability was discovered in the NTP server's parsing of configuration...

7.8CVSS6.8AI score0.05239EPSS
Exploits2
FreeBSD
FreeBSD
•added 2017/04/12 12:0 a.m.•31 views

BIND -- multiple vulnerabilities

ISC reports: A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other...

7AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2017/04/11 12:0 a.m.•26 views

libsamplerate -- multiple vulnerabilities

NVD reports: In libsamplerate before 0.1.9, a buffer over-read occurs in the calcoutputsingle function in srcsinc.c via a crafted audio file...

5.5CVSS4.2AI score0.00913EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/04/10 12:0 a.m.•42 views

chromium -- vulnerability

Google Chrome Releases reports: 62 security fixes in this release: 826626 Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28 827492 Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30 813876 High CVE-2018-6087:...

8.8CVSS0.4AI score0.09186EPSS
Exploits4References1
Total number of security vulnerabilities6585