Lucene search
K
FreebsdRecent

6585 matches found

FreeBSD
FreeBSD
•added 2017/04/07 12:0 a.m.•37 views

libsndfile -- multiple vulnerabilities

NVD reports: In libsndfile before 1.0.28, an error in the "flacbuffercopy" function flac.c can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. In libsndfile before 1.0.28, an error in the "headerread" function common.c when handling ID3 tags can be exploited...

5.5CVSS2.6AI score0.01388EPSS
Exploits2References3
FreeBSD
FreeBSD
•added 2017/04/04 12:0 a.m.•44 views

libXdmcp -- insufficient entropy generating session keys

The freedesktop and x.org project reports: It was discovered that libXdmcp before 1.1.3 used weak entropy to generate session keys on platforms without arc4randombuf but with getentropy. On a multi-user system using xdmcp, a local attacker could potentially use information available from the...

6.5CVSS1.7AI score0.00534EPSS
Exploits3References2
FreeBSD
FreeBSD
•added 2017/04/04 12:0 a.m.•42 views

django -- multiple vulnerabilities

Django team reports: These release addresses two security issues detailed below. We encourage all users of Django to upgrade as soon as possible. Open redirect and possible XSS attack via user-supplied numeric redirect URLs Open redirect vulnerability in django.views.static.serve...

6.1CVSS3.1AI score0.02384EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2017/04/04 12:0 a.m.•33 views

xen-kernel -- broken check in memory_exchange() permits PV guest breakout

The Xen Project reports: The XSA-29 fix introduced an insufficient check on XENMEMexchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arrays. A malicious or buggy 64-bit PV guest may be able to access all of system memory, allowing fo...

8.2CVSS2.2AI score0.01569EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2017/04/03 12:0 a.m.•40 views

cURL -- potential memory disclosure

The cURL project reports: There were two bugs in curl's parser for the command line option --write-out or -w for short that would skip the end of string zero byte if the string ended in a % percent or \ backslash, and it would read beyond that buffer in the heap memory and it could then potential...

2.4CVSS0.5AI score0.00581EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/04/01 12:0 a.m.•35 views

tiff -- multiple vulnerabilities

NVD reports: Please reference CVE/URL list for details...

9.8CVSS7.1AI score0.04427EPSS
Exploits8References10
FreeBSD
FreeBSD
•added 2017/03/29 12:0 a.m.•33 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 5 security fixes in this release, including: 698622 Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar 699166 High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs 662767 High CVE-2017-5052: Bad cast in...

9.6CVSS9.5AI score0.02557EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/03/28 12:0 a.m.•8 views

xen-tools -- xenstore denial of service via repeated update

The Xen Project reports: Unprivileged guests may be able to stall progress of the control domain or driver domain, possibly leading to a Denial of Service DoS of the entire host...

2.4AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/03/28 12:0 a.m.•24 views

phpMyAdmin -- bypass 'no password' restriction

The phpMyAdmin team reports: Summary Bypass $cfg'Servers'$i'AllowNoPassword' Description A vulnerability was discovered where the restrictions caused by $cfg'Servers'$i'AllowNoPassword' = false are bypassed under certain PHP versions. This can allow the login of users who have no password set eve...

1.6AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/03/27 12:0 a.m.•10 views

asterisk -- Buffer overflow in CDR's set user

The Asterisk project reports: No size checking is done when setting the user field on a CDR. Thus, it is possible for someone to use an arbitrarily large string and write past the end of the user field storage buffer. This allows the possibility of remote code injection...

2.9AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2017/03/23 12:0 a.m.•13 views

codeigniter -- multiple vulnerabilities

The CodeIgniter changelog reports: Fixed a header injection vulnerability in common function setstatusheader under Apache thanks to Guillermo Caminer from Flowgate. Fixed byte-safety issues in Encrypt Library DEPRECATED when mbstring.funcoverload is enabled. Fixed byte-safety issues in Encryption...

1.6AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/03/23 12:0 a.m.•32 views

samba -- symlink race allows access outside share definition

Samba team reports: A time-of-check, time-of-use race condition can allow clients to access non-exported parts of the file system via symlinks...

7.5CVSS7.9AI score0.11091EPSS
Exploits3References1
FreeBSD
FreeBSD
•added 2017/03/20 12:0 a.m.•34 views

gitlab -- Various security issues

GitLab reports: Information Disclosure in Issue and Merge Request Trackers During an internal code review a critical vulnerability in the GitLab Issue and Merge Request trackers was discovered. This vulnerability could allow a user with access to assign ownership of an issue or merge request to...

6.3CVSS6.3AI score0.01057EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2017/03/17 12:0 a.m.•37 views

firefox -- integer overflow in createImageBitmap()

The Mozilla Foundation reports: An integer overflow in createImageBitmap was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the createImageBitmap API. This function runs in the content sandbox, requiring a second vulnerability to...

9.8CVSS9.3AI score0.03158EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2017/03/17 12:0 a.m.•34 views

NSS -- multiple vulnerabilities

Mozilla Foundation reports: An out-of-bounds write during Base64 decoding operation in the Network Security Services NSS library due to insufficient memory being allocated to the buffer. This results in a potentially exploitable crash. The NSS library has been updated to fix this issue to address...

8AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2017/03/17 12:0 a.m.•29 views

squashfs-tools -- Integer overflow

Phillip Lougher reports: Integer overflow in the readfragmenttable4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service application crash via a crafted input, which triggers a stack-based buffer overflow...

5.5CVSS6.4AI score0.0316EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/03/16 12:0 a.m.•23 views

chicken -- multiple vulnerabilities

CHICKEN reports: CVE-2017-6949: Unchecked malloc call in SRFI-4 constructors when allocating in non-GC memory, resulting in potential 1-word buffer overrun and/or segfault CVE-2017-9334: "length" crashes on improper lists CVE-2017-11343: The randomization factor of the symbol table was set before...

8.1CVSS3.9AI score0.01537EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/03/15 12:0 a.m.•21 views

drupal8 -- multiple vulnerabilities

Drupal Security Team reports: CVE-2017-6377: Editor module incorrectly checks access to inline private files CVE-2017-6379: Some admin paths were not protected with a CSRF token CVE-2017-6381: Remote code execution...

8.1CVSS8AI score0.03901EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/03/14 12:0 a.m.•22 views

id Tech 3 -- remote code execution vulnerability

The content auto-download of id Tech 3 can be used to deliver maliciously crafted content, that triggers downloading of further content and loading and executing it as native code with user credentials. This affects ioquake3, ioUrbanTerror, OpenArena, the original Quake 3 Arena and other forks...

9.3CVSS6.9AI score0.01291EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/03/14 12:0 a.m.•27 views

xen-tools -- Cirrus VGA Heap overflow via display refresh

The Xen Project reports: A privileged user within the guest VM can cause a heap overflow in the device model process, potentially escalating their privileges to that of the device model process...

9.9CVSS3.9AI score0.04448EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/03/14 12:0 a.m.•37 views

Flash Player -- multiple vulnerabilities

Adobe reports: These updates resolve a buffer overflow vulnerability that could lead to code execution CVE-2017-2997. These updates resolve memory corruption vulnerabilities that could lead to code execution CVE-2017-2998, CVE-2017-2999. These updates resolve a random number generator vulnerabili...

9.3CVSS8.7AI score0.0836EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2017/03/13 12:0 a.m.•14 views

moodle -- multiple vulnerabilities

Marina Glancy reports: In addition to a number of bug fixes and small improvements, security vulnerabilities have been discovered and fixed. We highly recommend that you upgrade your sites as soon as possible. Upgrading should be very straightforward. As per our usual policy, admins of all...

0.7AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/03/11 12:0 a.m.•18 views

irssi -- use-after-free potential code execution

The irssi project reports: Use after free while producing list of netjoins CWE-416. This issue was found and reported to us by APic. This issue usually leads to segmentation faults. Targeted code execution should be difficult...

9.8CVSS4.6AI score0.0336EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/03/11 12:0 a.m.•11 views

mbed TLS (PolarSSL) -- multiple vulnerabilities

Janos Follath reports: If a malicious peer supplies a certificate with a specially crafted secp224k1 public key, then an attacker can cause the server or client to attempt to free block of memory held on stack. Depending on the platform, this could result in a Denial of Service client crash or...

3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/03/09 12:0 a.m.•35 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 36 security fixes in this release Please reference CVE/URL list for details...

8.8CVSS7.4AI score0.41603EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2017/03/07 12:0 a.m.•55 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: Please reference CVE/URL list for details...

10CVSS8.1AI score0.17484EPSS
Exploits21References2
FreeBSD
FreeBSD
•added 2017/03/07 12:0 a.m.•17 views

wordpress -- multiple vulnerabilities

WordPress versions 4.7.2 and earlier are affected by six security issues. Cross-site scripting XSS via media file metadata. Control characters can trick redirect URL validation. Unintended files can be deleted by administrators using the plugin deletion functionality. Cross-site scripting XSS via...

2.4AI score
Exploits0References2
FreeBSD
FreeBSD
•added 2017/03/06 12:0 a.m.•51 views

proftpd -- user chroot escape vulnerability

NVD reports: ProFTPD ... controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks...

5.5CVSS1.2AI score0.00419EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/03/05 12:0 a.m.•38 views

ImageMagick -- multiple vulnerabilities

Please reference CVE/URL list for details...

9.8CVSS7.1AI score0.05959EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2017/03/01 12:0 a.m.•29 views

zziplib - multiple vulnerabilities

NIST reports by search in the range 2017/01/01 - 2018/07/06: 17 security fixes in this release: Heap-based buffer overflow in the zzipget32 function in fetch.c. Heap-based buffer overflow in the zzipget64 function in fetch.c. Heap-based buffer overflow in the zzipmementryextrablock function in...

6.5CVSS6.7AI score0.02854EPSS
Exploits17References1
FreeBSD
FreeBSD
•added 2017/02/28 12:0 a.m.•26 views

kio: Information Leak when accessing https when using a malicious PAC file

Albert Astals Cid reports: Using a malicious PAC file, and then using exfiltration methods in the PAC function FindProxyForURL enables the attacker to expose full https URLs. This is a security issue since https URLs may contain sensitive information in the URL authentication part...

Exploits0References1
FreeBSD
FreeBSD
•added 2017/02/27 12:0 a.m.•12 views

kdepimlibs -- directory traversal on KTNEF

Albert Aastals Cid reports: A directory traversal issue was found in KTNEF which can be exploited by tricking a user into opening a malicious winmail.dat file. The issue allows to write files with the permission of the user opening the winmail.dat file during extraction...

3.7AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/02/24 12:0 a.m.•20 views

tnef -- Invalid read and write operations, controlled by an attacker

[email protected] reports: CVE-2017-6307: An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker. CVE-2017-6308: An issue was discovered in tnef before 1.4.13...

7.8CVSS7.3AI score0.0154EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2017/02/22 12:0 a.m.•58 views

cURL -- ocsp status validation error

The cURL project reports: SSLVERIFYSTATUS ignored curl and libcurl support "OCSP stapling", also known as the TLS Certificate Status Request extension using the CURLOPTSSLVERIFYSTATUS option. When telling curl to use this feature, it uses that TLS extension to ask for a fresh proof of the server'...

6.5CVSS6.9AI score0.01391EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/02/21 12:0 a.m.•31 views

xen-tools -- cirrus_bitblt_cputovideo does not check if memory region is safe

The Xen Project reports: In CIRRUSBLTMODEMEMSYSSRC mode the bitblit copy routine cirrusbitbltcputovideo fails to check whether the specified memory region is safe. A malicious guest administrator can cause an out of bounds memory write, very likely exploitable as a privilege escalation...

9.9CVSS9.4AI score0.03559EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/02/18 12:0 a.m.•22 views

MPD -- buffer overflows in http output

The MPD project reports: httpd: fix two buffer overflows in IcyMetaData length calculation...

1.1AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/02/16 12:0 a.m.•57 views

openssl -- crash on handshake

The OpenSSL project reports: Severity: High During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake or vice-versa then this can cause OpenSSL to crash dependent on ciphersuite. Both clients and servers are affected. This issue do...

7.5CVSS7.5AI score0.12874EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/02/14 12:0 a.m.•12 views

fbsdmon -- information disclosure vulnerability

Alan Somers reports: The web site used by this port, http://fbsdmon.org, has been taken over by cybersquatters. That means that users are sending their system info to an unknown party...

0.7AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/02/14 12:0 a.m.•34 views

NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler

NVIDIA Unix security team reports: NVIDIA GPU Display Driver contains vulnerabilities in the kernel mode layer handler where multiple integer overflows, improper access control, and improper validation of a user input may cause a denial of service or potential escalation of privileges...

8.8CVSS7.2AI score0.00389EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/02/13 12:0 a.m.•31 views

collectd5 -- Denial of service by sending a signed network packet to a server which is not set up to check signatures

marcinguy reports: After sending this payload, collectd seems to be entering endless while loop in packetparse consuming high CPU resources, possibly crash/gets killed after a while...

7.5CVSS1.5AI score0.03997EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/02/10 12:0 a.m.•51 views

xen-tools -- oob access in cirrus bitblt copy

The Xen Project reports: When doing bitblt copy backwards, qemu should negate the blit width. This avoids an oob access before the start of video memory. A malicious guest administrator can cause an out of bounds memory access, possibly leading to information disclosure or privilege escalation...

9.1CVSS9AI score0.03648EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/02/09 12:0 a.m.•29 views

gtk-vnc -- bounds checking vulnerabilities

Daniel P. Berrange reports: CVE-2017-5884 - fix bounds checking for RRE, hextile and copyrect encodings CVE-2017-5885 - fix color map index bounds checking...

9.8CVSS8.8AI score0.04985EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2017/02/09 12:0 a.m.•30 views

diffoscope -- arbitrary file write

Ximin Luo reports: v67 introduced a security hole where diffoscope may write to arbitrary locations on disk depending on the contents of an untrusted archive...

10CVSS9.2AI score0.01893EPSS
Exploits4References1
FreeBSD
FreeBSD
•added 2017/02/03 12:0 a.m.•49 views

FreeRADIUS -- TLS resumption authentication bypass

Stefan Winter reports: The TLS session cache in FreeRADIUS before 3.0.14 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers such as malicious 802.1X supplicants to bypass authentication via PEAP or TTLS...

9.8CVSS5.6AI score0.03914EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2017/02/01 12:0 a.m.•95 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Please reference CVE/URL list for details...

8.8CVSS6.4AI score0.19191EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2017/01/31 12:0 a.m.•31 views

libevent -- multiple vulnerabilities

Debian Security reports: CVE-2016-10195: The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read. CVE-2016-10196: Stack-based buffer overflow in the...

9.8CVSS8.9AI score0.06681EPSS
Exploits3References5
FreeBSD
FreeBSD
•added 2017/01/31 12:0 a.m.•14 views

shotwell -- failure to encrypt authentication

Jens Georg reports: I have just released Shotwell 0.24.5 and 0.25.4 which turn on HTTPS encryption all over the publishing plugins. Users using Tumblr and Yandex.Fotki publishing are strongly advised to change their passwords and reauthenticate Shotwell to those services after upgrade. Users of...

1.1AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2017/01/29 12:0 a.m.•31 views

PuTTY -- integer overflow permits memory overwrite by forwarded ssh-agent connections

Simon G. Tatham reports: Many versions of PuTTY prior to 0.68 have a heap-corrupting integer overflow bug in the sshagentchanneldata function which processes messages sent by remote SSH clients to a forwarded agent connection. ... This bug is only exploitable at all if you have enabled SSH agent...

9.8CVSS9.1AI score0.21816EPSS
Exploits4References1
FreeBSD
FreeBSD
•added 2017/01/27 12:0 a.m.•43 views

mysql -- denial of service vulnerability

Openwall reports: C client library for MySQL libmysqlclient.so has use-after-free defect which can cause crash of applications using that MySQL client...

7.5CVSS7.8AI score0.04905EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2017/01/26 12:0 a.m.•72 views

OpenSSL -- multiple vulnerabilities

The OpenSSL project reports: Truncated packet could crash via OOB read CVE-2017-3731 Bad ECDHE parameters cause a client crash CVE-2017-3730 BNmodexp may produce incorrect results on x8664 CVE-2017-3732 Montgomery multiplication may produce incorrect results CVE-2016-7055...

7.5CVSS7.3AI score0.57595EPSS
Exploits6References1
Total number of security vulnerabilities6585