Lucene search
K
FreebsdRecent

6585 matches found

FreeBSD
FreeBSD
•added 2015/11/30 12:0 a.m.•43 views

libraw -- memory objects not properly initialized

ChenQin reports: The LibRaw raw image decoder has multiple vulnerabilities that can cause memory errors which may lead to code execution or other problems. In CVE-2015-8367, LibRaw's phaseonecorrect function does not handle memory initialization correctly, which may cause other problems...

9.8CVSS9.7AI score0.05454EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/11/30 12:0 a.m.•35 views

qemu and xen-tools -- denial of service vulnerabilities in AMD PC-Net II NIC support

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the AMD PC-Net II Ethernet Controller support is vulnerable to a heap buffer overflow flaw. While receiving packets in the loopback mode, it appends CRC code to the receive buffer. If the data size given is same as...

8AI score
Exploits0References7
FreeBSD
FreeBSD
•added 2015/11/30 12:0 a.m.•41 views

libraw -- index overflow in smal_decode_segment

ChenQin reports: The LibRaw raw image decoder has multiple vulnerabilities that can cause memory errors which may lead to code execution or other problems. In CVE-2015-8366, LibRaw's smaldecodesegment function does not handle indexes carefully, which can cause an index overflow...

9.8CVSS9.7AI score0.04939EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/11/27 12:0 a.m.•39 views

ffmpeg -- multiple vulnerabilities

NVD reports: The updatedimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service race conditi...

7.5CVSS9.5AI score0.02412EPSS
Exploits0References9
FreeBSD
FreeBSD
•added 2015/11/26 12:0 a.m.•23 views

dpkg -- stack-based buffer overflow

Salvatore Bonaccorso reports: Hanno Boeck discovered a stack-based buffer overflow in the dpkg-deb component of dpkg, the Debian package management system. This flaw could potentially lead to arbitrary code execution if a user or an automated system were tricked into processing a specially crafte...

7.5CVSS7.5AI score0.05035EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/11/25 12:0 a.m.•24 views

Salt -- information disclosure

Salt release notes report: CVE-2015-8034: Saving state.sls cache data to disk with insecure permissions This affects users of the state.sls function. The state run cache on the minion was being created with incorrect permissions. This file could potentially contain sensitive data that was inserte...

3.3CVSS4.7AI score0.00407EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/24 12:0 a.m.•25 views

django -- information leak vulnerability

Tim Graham reports: If an application allows users to specify an unvalidated format for dates and passes this format to the date filter, e.g. lastupdated|date:userdateformat , then a malicious user could obtain any secret in the application's settings by specifying a settings key instead of a dat...

5CVSS6.3AI score0.04284EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/24 12:0 a.m.•30 views

bind -- multiple vulnerabilities

ISC reports: Named is potentially vulnerable to the OpenSSL vulnerability described in CVE-2015-3193. Incorrect reference counting could result in an INSIST failure if a socket error occurred while performing a lookup. This flaw is disclosed in CVE-2015-8461. RT40945 Insufficient testing when...

7.5CVSS7.1AI score0.5469EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2015/11/22 12:0 a.m.•29 views

quassel -- remote denial of service

Pierre Schweitzer reports: Any client sending the command "/op " in a query will cause the Quassel core to crash...

7.5CVSS7.4AI score0.02825EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/20 12:0 a.m.•39 views

libxml2 -- multiple vulnerabilities

reports: CVE-2015-5312 Another entity expansion issue David Drysdale. CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey David Drysdale. CVE-2015-7498 Avoid processing entities after encoding conversion failures Daniel Veillard. CVE-2015-7499 1 Add xmlHaltParser to stop the...

7.1CVSS8.4AI score0.0721EPSS
Exploits2References2
FreeBSD
FreeBSD
•added 2015/11/19 12:0 a.m.•45 views

qemu -- denial of service vulnerability in Q35 chipset emulation

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the Q35 chipset based pc system emulator is vulnerable to a heap based buffer overflow. It occurs during VM guest migration, as more16 bytes data is moved into allocated 8 bytes memory area. A privileged guest user...

7.9CVSS7.1AI score0.00434EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2015/11/17 12:0 a.m.•21 views

kibana4 -- CSRF vulnerability

Elastic reports: Vulnerability Summary: Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a CSRF attack. Remediation Summary: Users should upgrade to 4.1.3 or 4.2.1...

6.8CVSS6.5AI score0.0088EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/17 12:0 a.m.•94 views

sudo -- potential privilege escalation via symlink misconfiguration

MITRE reports: sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home///file.txt."...

7.2CVSS7.3AI score0.01458EPSS
Exploits5References3
FreeBSD
FreeBSD
•added 2015/11/17 12:0 a.m.•30 views

piwik -- multiple vulnerabilities

Piwik changelog reports: This release is rated critical. We are grateful for Security researchers who disclosed security issues privately to the Piwik Security Response team: Elamaran Venkatraman, Egidio Romano and Dmitriy Shcherbatov. The following vulnerabilities were fixed: XSS, CSRF, possible...

7.5CVSS7.1AI score0.03931EPSS
Exploits6References1
FreeBSD
FreeBSD
•added 2015/11/16 12:0 a.m.•21 views

a2ps -- format string vulnerability

Jong-Gwon Kim reports: When user runs a2ps with malicious crafted proa2ps prologue file, an attacker can execute arbitrary code...

7.8CVSS7.9AI score0.0286EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/16 12:0 a.m.•26 views

strongswan -- authentication bypass vulnerability in the eap-mschapv2 plugin

Strongswan Release Notes reports: Fixed an authentication bypass vulnerability in the eap-mschapv2 plugin that was caused by insufficient verification of the internal state when handling MSCHAPv2 Success messages received by the client. This vulnerability has been registered as CVE-2015-8023...

5CVSS7.7AI score0.02582EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/15 12:0 a.m.•32 views

libpng buffer overflow in png_set_PLTE

libpng reports: CVE for a vulnerability in libpng, all versions, in the pngsetPLTE/pnggetPLTE functions. These functions failed to check for an out-of-range palette when reading or writing PNG files with a bitdepth less than 8. Some applications might read the bit depth from the IHDR chunk and...

7.5CVSS7.8AI score0.10339EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/11/14 12:0 a.m.•26 views

subversion -- multiple vulnerabilities

Subversion Project reports: Remotely triggerable heap overflow and out-of-bounds read caused by integer overflow in the svn:// protocol parser. Remotely triggerable heap overflow and out-of-bounds read in moddavsvn caused by integer overflow when parsing skel-encoded request bodies...

9CVSS8AI score0.57037EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/11/14 12:0 a.m.•24 views

redmine -- multiple vulnerabilities

Redmine reports: Potential changeset message disclosure in issues API. Data disclosure on the time logging form...

5.3CVSS5.6AI score0.01931EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/11/12 12:0 a.m.•35 views

gdm -- lock screen bypass when holding escape key

Ray Strode reports: CVE-2015-7496 - lock screen bypass when holding escape key...

7.2CVSS6.6AI score0.00406EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/11/10 12:0 a.m.•60 views

xen-kernel -- CPU lockup during exception delivery

The Xen Project reports: A malicious HVM guest administrator can cause a denial of service. Specifically, prevent use of a physical CPU for a significant, perhaps indefinite period. If a host watchdog Xen or dom0 is in use, this can lead to a watchdog timeout and consequently a reboot of the host...

6.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/10 12:0 a.m.•52 views

MySQL - Multiple vulnerabilities

Oracle reports: Critical Patch Update: MySQL Server, versions 5.5.45 and prior, 5.6.26 and prior...

4CVSS7AI score0.30146EPSS
Exploits6References5
FreeBSD
FreeBSD
•added 2015/11/10 12:0 a.m.•34 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 520422 High CVE-2015-1302: Information leak in PDF viewer. Credit to Rob Wu...

7.5CVSS9AI score0.01864EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/10 12:0 a.m.•44 views

flash -- multiple vulnerabilities

Adobe reports: These updates resolve a type confusion vulnerability that could lead to code execution CVE-2015-7659. These updates resolve a security bypass vulnerability that could be exploited to write arbitrary data to the file system under user permissions CVE-2015-7662. These updates resolve...

10CVSS7.4AI score0.40682EPSS
Exploits4References1
FreeBSD
FreeBSD
•added 2015/11/10 12:0 a.m.•36 views

hostapd and wpa_supplicant -- multiple vulnerabilities

Jouni Malinen reports: wpasupplicant unauthorized WNM Sleep Mode GTK control. 2015-6 - CVE-2015-5310 EAP-pwd missing last fragment length validation. 2015-7 - CVE-2015-5315 EAP-pwd peer error path failure on unexpected Confirm message. 2015-8 - CVE-2015-5316...

5.9CVSS5.9AI score0.03249EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/11/09 12:0 a.m.•22 views

moodle -- multiple vulnerabilities

Moodle Release Notes report: MSA-15-0037 Possible to send a message to a user who blocked messages from non contacts MSA-15-0038 DDoS possibility in Atto MSA-15-0039 CSRF in site registration form MSA-15-0040 Student XSS in survey MSA-15-0041 XSS in flash video player MSA-15-0042 CSRF in lesson...

0.9AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2015/11/08 12:0 a.m.•11 views

adminer -- XSS vulnerability

Jakub Vrana reports: Fix XSS in indexes non-MySQL only...

1.6AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/06 12:0 a.m.•18 views

jenkins -- remote code execution via unsafe deserialization

Jenkins Developers report: Unsafe deserialization allows unauthenticated remote attackers to run arbitrary code on the Jenkins master...

7.9AI score
Exploits0References3
FreeBSD
FreeBSD
•added 2015/11/06 12:0 a.m.•21 views

PuTTY -- memory corruption in terminal emulator's erase character handling

Ben Harris reports: Versions of PuTTY and pterm between 0.54 and 0.65 inclusive have a potentially memory-corrupting integer overflow in the handling of the ECH erase characters control sequence in the terminal emulator. To exploit a vulnerability in the terminal emulator, an attacker must be abl...

4.3CVSS9.2AI score0.03467EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/05 12:0 a.m.•13 views

PHPmailer -- SMTP injection vulnerability

PHPMailer changelog reports: Fix vulnerability that allowed email addresses with line breaks valid in RFC5322 to pass to SMTP, permitting message injection at the SMTP level. Mitigated in both the address validator and in the lower-level SMTP class. Thanks to Takeshi Terada...

1.6AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/04 12:0 a.m.•25 views

OpenOffice 4.1.1 -- multiple vulnerabilities

The Apache OpenOffice Project reports: A vulnerability in OpenOffice settings of OpenDocument Format files and templates allows silent access to files that are readable from an user account, over-riding the user's default configuration settings. Once these files are imported into a...

6.8CVSS7.8AI score0.13826EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2015/11/04 12:0 a.m.•36 views

claws-mail -- no bounds checking on the output buffer in conv_jistoeuc, conv_euctojis, conv_sjistoeuc

DrWhax reports: So in codeconv.c there is a function for Japanese character set conversion called convjistoeuc. There is no bounds checking on the output buffer, which is created on the stack with alloca Bug can be triggered by sending an email to [email protected] or whatever. Since my C is...

7.5CVSS7AI score0.02554EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/04 12:0 a.m.•122 views

cyrus-imapd -- integer overflow in the start_octet addition

Cyrus IMAP 2.5.7 Release Note states: CVE-2015-8077, CVE-2015-8078: protect against integer overflow in urlfetch range checks...

7.5CVSS5.1AI score0.03261EPSS
Exploits0References6
FreeBSD
FreeBSD
•added 2015/11/03 12:0 a.m.•23 views

powerdns -- Denial of Service

PowerDNS reports: A bug was found using afl-fuzz in our packet parsing code. This bug, when exploited, causes an assertion error and consequent termination of the the pdnsserver process, causing a Denial of Service...

5CVSS6.4AI score0.67456EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/11/03 12:0 a.m.•45 views

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2015-133 NSS and NSPR memory corruption issues MFSA 2015-132 Mixed content WebSocket policy bypass through workers MFSA 2015-131 Vulnerabilities found through code inspection MFSA 2015-130 JavaScript garbage collection crash with Java applet MFSA 2015-129 Certain...

9.8CVSS9.4AI score0.10238EPSS
Exploits0References18
FreeBSD
FreeBSD
•added 2015/11/02 12:0 a.m.•27 views

libsrtp -- DoS via crafted RTP header vulnerability

libsrtp reports: Prevent potential DoS attack due to lack of bounds checking on RTP header CSRC count and extension header length. Credit goes to Randell Jesup and the Firefox team for reporting this issue...

7.8CVSS7.5AI score0.08277EPSS
Exploits0References5
FreeBSD
FreeBSD
•added 2015/10/31 12:0 a.m.•21 views

codeigniter -- multiple vulnerabilities

The CodeIgniter changelog reports: Fixed an XSS attack vector in Security Library method xssclean. Changed Config Library method baseurl to fallback to $SERVER'SERVERADDR' in order to avoid Host header injections. Changed CAPTCHA Helper to try to use the operating system's PRNG first...

3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/30 12:0 a.m.•34 views

cups-filters -- code execution

Salvatore Bonaccorso reports: Cups Filters/Foomatic Filters does not consider backtick as an illegal escape character...

7.5CVSS7.5AI score0.10171EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/30 12:0 a.m.•43 views

libvirt -- ACL bypass using ../ to access beyond storage pool

Libvit development team reports: Various virStorageVol API operate on user-supplied volume names by concatenating the volume name to the pool location. Note that the virStoragePoolListVolumes API, when used on a storage pool backed by a directory in a file system, will only list volumes immediate...

2.5CVSS5.4AI score0.00451EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/29 12:0 a.m.•41 views

libxslt -- DoS vulnerability due to type confusing error

libxslt maintainer reports: CVE-2015-7995: http://www.openwall.com/lists/oss-security/2015/10/27/10 We need to check that the parent node is an element before dereferencing its namespace...

5CVSS8AI score0.04156EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2015/10/29 12:0 a.m.•30 views

xen-tools -- populate-on-demand balloon size inaccuracy can crash guests

The Xen Project reports: Guests configured with PoD might be unstable, especially under load. In an affected guest, an unprivileged guest user might be able to cause a guest crash, perhaps simply by applying load so as to cause heavy memory pressure within the guest...

2.1CVSS7.4AI score0.00426EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/29 12:0 a.m.•36 views

xen-kernel -- Long latency populate-on-demand operation is not preemptible

The Xen Project reports: When running an HVM domain in Populate-on-Demand mode, Xen would sometimes search the domain for memory to reclaim, in response to demands for population of other pages in the same domain. This search runs without preemption. The guest can, by suitable arrangement of its...

4.9CVSS7.3AI score0.00436EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/29 12:0 a.m.•30 views

xen-kernel -- leak of per-domain profiling-related vcpu pointer array

The Xen Project reports: A domain's xenoprofile state contains an array of per-vcpu information... This array is leaked on domain teardown. This memory leak could -- over time -- exhaust the host's memory. The following parties can mount a denial of service attack affecting the whole system: A...

4.9CVSS7.5AI score0.00436EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/29 12:0 a.m.•39 views

xen-kernel -- Uncontrolled creation of large page mappings by PV guests

The Xen Project reports: The code to validate level 2 page table entries is bypassed when certain conditions are satisfied. This means that a PV guest can create writable mappings using super page mappings. Such writable mappings can violate Xen intended invariants for pages which Xen is supposed...

7.2CVSS7.9AI score0.00427EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/29 12:0 a.m.•31 views

xen-kernel -- leak of main per-domain vcpu pointer array

The Xen Project reports: A domain's primary array of vcpu pointers can be allocated by a toolstack exactly once in the lifetime of a domain via the XENDOMCTLmaxvcpus hypercall. This array is leaked on domain teardown. This memory leak could -- over time -- exhaust the host's memory. A domain give...

4.9CVSS7.3AI score0.00436EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/29 12:0 a.m.•38 views

xen-kernel -- some pmu and profiling hypercalls log without rate limiting

The Xen Project reports: HYPERCALLxenoprofop and HYPERVISORxenpmuop log some errors and attempts at invalid operations. These log messages are not rate-limited, even though they can be triggered by guests. A malicious guest could cause repeated logging to the hypervisor console, leading to a Deni...

2.1CVSS7.4AI score0.00426EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/28 12:0 a.m.•30 views

openafs -- information disclosure

The OpenAFS development team reports: When constructing an Rx acknowledgment ACK packet, Andrew-derived Rx implementations do not initialize three octets of data that are padding in the C language structure and were inadvertently included in the wire protocol CVE-2015-7762. Additionally, OpenAFS ...

5CVSS6.4AI score0.02133EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/24 12:0 a.m.•23 views

xscreensaver - lock bypass

RedHat bugzilla reports: In dual screen configurations, unplugging one screen will cause xscreensaver to crash, leaving the screen unlocked...

2.1CVSS6.5AI score0.00508EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2015/10/23 12:0 a.m.•39 views

phpMyAdmin -- Content spoofing vulnerability

The phpMyAdmin development team reports: This vulnerability allows an attacker to perform a content spoofing attack using the phpMyAdmin's redirection mechanism to external sites. We consider this vulnerability to be non critical since the spoofed content is escaped and no HTML injection is...

5CVSS6.7AI score0.02624EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/10/22 12:0 a.m.•23 views

Joomla! -- Core - ACL Violation vulnerabilities

The JSST and the Joomla! Security Center report: 20151003 - Core - ACL Violations Inadequate ACL checks in comcontent provide potential read access to data which should be access restricted...

5CVSS6.4AI score0.01955EPSS
Exploits0References2
Total number of security vulnerabilities6585