Lucene search
K
FreebsdRecent

6585 matches found

FreeBSD
FreeBSD
•added 2015/08/06 12:0 a.m.•49 views

qemu -- buffer overflow vulnerability in virtio-serial message exchanges

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the virtio-serial vmchannel support is vulnerable to a buffer overflow issue. It could occur while exchanging virtio control messages between guest and the host. A malicious guest could use this flaw to corrupt few...

6.5CVSS7.2AI score0.03012EPSS
Exploits1References3
FreeBSD
FreeBSD
•added 2015/08/06 12:0 a.m.•42 views

php5 -- multiple vulnerabilities

The PHP project reports: Core: Fixed bug 69793 Remotely triggerable stack exhaustion via recursive method calls. Fixed bug 70121 unserialize could lead to unexpected methods execution / NULL pointer deref. OpenSSL: Fixed bug 70014 opensslrandompseudobytes is not cryptographically secure. Phar:...

7.5CVSS8.6AI score0.07057EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/08/06 12:0 a.m.•30 views

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2015-78 Same origin violation and local file stealing via PDF reader...

8.8CVSS7.2AI score0.70226EPSS
Exploits8References1
FreeBSD
FreeBSD
•added 2015/08/05 12:0 a.m.•32 views

FreeBSD -- shell injection vulnerability in patch(1)

Problem Description: Due to insufficient sanitization of the input patch stream, it is possible for a patch file to cause patch1 to pass certain ed1 scripts to the ed1 editor, which would run commands. Impact: This issue could be exploited to execute arbitrary commands as the user invoking patch1...

9.3CVSS7.9AI score0.03778EPSS
Exploits0
FreeBSD
FreeBSD
•added 2015/08/05 12:0 a.m.•26 views

FreeBSD -- routed(8) remote denial of service vulnerability

Problem Description: The input path in routed8 will accept queries from any source and attempt to answer them. However, the output path assumes that the destination address for the response is on a directly connected network. Impact: Upon receipt of a query from a source which is not on a directl...

6.5CVSS6.4AI score0.02649EPSS
Exploits0
FreeBSD
FreeBSD
•added 2015/08/05 12:0 a.m.•43 views

adminer -- XSS vulnerability

Jakub Vrana reports: Fix XSS in alter table...

1.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/08/05 12:0 a.m.•14 views

pcre -- heap overflow vulnerability in '(?|' situations

Venustech ADLAB reports: PCRE library is prone to a vulnerability which leads to Heap Overflow. During the compilation of a malformed regular expression, more data is written on the malloced block than the expected size output by compileregex. Exploits with advanced Heap Fengshui techniques may...

0.9AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/08/04 12:0 a.m.•29 views

wordpress -- Multiple vulnerability

Gary Pendergast reports: WordPress 4.2.4 fixes three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site...

7.5CVSS6.8AI score0.10986EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/08/03 12:0 a.m.•36 views

Botan BER Decoder vulnerabilities

The botan developers reports: Excess memory allocation in BER decoder - The BER decoder would allocate a fairly arbitrary amount of memory in a length field, even if there was no chance the read request would succeed. This might cause the process to run out of memory or invoke the OOM killer. Cra...

8.3AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/08/03 12:0 a.m.•36 views

qemu, xen-tools -- QEMU leak of uninitialized heap memory in rtl8139 device model

The Xen Project reports: The QEMU model of the RTL8139 network card did not sufficiently validate inputs in the C+ mode offload emulation. This results in uninitialized memory from the QEMU process's heap being leaked to the domain as well as to the network. A guest may be able to read sensitive...

9.3CVSS6.7AI score0.13288EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/08/03 12:0 a.m.•26 views

qemu, xen-tools -- use-after-free in QEMU/Xen block unplug protocol

The Xen Project reports: When unplugging an emulated block device the device was not fully unplugged, meaning a second unplug attempt would attempt to unplug the device a second time using a previously freed pointer. An HVM guest which has access to an emulated IDE disk device may be able to...

7.2CVSS6.8AI score0.00426EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/07/29 12:0 a.m.•27 views

froxlor -- database password information leak

[email protected] reports: An unauthenticated remote attacker is able to get the database password via webaccess due to wrong file permissions of the /logs/ folder in froxlor version 0.9.33.1 and earlier. The plain SQL password and username may be stored in the /logs/sql-error.log file...

9.8CVSS9.3AI score0.03144EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/07/29 12:0 a.m.•31 views

go -- multiple vulnerabilities

Jason Buberel, Go Product Manager, reports: CVE-2015-5739 - "Content Length" treated as valid header CVE-2015-5740 - Double content-length headers does not return 400 error CVE-2015-5741 - Additional hardening, not sending Content-Length w/Transfer-Encoding, Closing connections...

9.8CVSS9.2AI score0.09625EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2015/07/28 12:0 a.m.•18 views

FreeBSD -- Resource exhaustion in TCP reassembly

Problem Description: There is a mistake with the introduction of VNET, which converted the global limit on the number of segments that could belong to reassembly queues into a per-VNET limit. Because mbufs are allocated from a global pool, in the presence of a sufficient number of VNETs, the tota...

7.5CVSS7.3AI score0.03324EPSS
Exploits0
FreeBSD
FreeBSD
•added 2015/07/28 12:0 a.m.•27 views

FreeBSD -- shell injection vulnerability in patch(1)

Problem Description: Due to insufficient sanitization of the input patch stream, it is possible for a patch file to cause patch1 to run commands in addition to the desired SCCS or RCS commands. Impact: This issue could be exploited to execute arbitrary commands as the user invoking patch1 against...

9.3CVSS7.9AI score0.03535EPSS
Exploits0
FreeBSD
FreeBSD
•added 2015/07/27 12:0 a.m.•27 views

qemu, xen-tools -- QEMU heap overflow flaw with certain ATAPI commands

The Xen Project reports: A heap overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the...

7.2CVSS7.4AI score0.0063EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/07/27 12:0 a.m.•32 views

subversion -- multiple vulnerabilities

Subversion reports: CVE-2015-3184: Subversion's modauthzsvn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. CVE-2015-3187: Subversion servers, both httpd and svnserve, will reveal some paths that should be hidden by...

5CVSS8.2AI score0.10607EPSS
Exploits0References2
FreeBSD
FreeBSD
•added 2015/07/27 12:0 a.m.•23 views

remind -- buffer overflow with malicious reminder file input

Dianne Skoll reports: BUG FIX: Fix a buffer overflow found by Alexander Keller. The bug can be manifested by an extended DUMP command using a system variable that is a special variable whose name begins with '$'...

10CVSS7AI score0.02595EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2015/07/25 12:0 a.m.•10 views

lshell -- Shell autocomplete reveals forbidden directories

lshell reports: The autocomplete feature allows users to list directories, while they do not have access to those paths issue 109...

3.8AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/23 12:0 a.m.•41 views

qemu -- stack buffer overflow while parsing SCSI commands

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the SCSI device emulation support is vulnerable to a stack buffer overflow issue. It could occur while parsing SCSI command descriptor block with an invalid operation code. A privilegedCAPSYSRAWIO user inside guest...

5.5CVSS6.5AI score0.00434EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/07/23 12:0 a.m.•44 views

wordpress -- XSS vulnerability

Gary Pendergast reports: WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site. This was reported by Jon Cave and fixed by Robert Chapin, both of the WordPress security team...

5.9AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/22 12:0 a.m.•26 views

logstash -- SSL/TLS vulnerability with Lumberjack input

Elastic reports: Vulnerability Summary: All Logstash versions prior to 1.5.2 that use Lumberjack input in combination with Logstash Forwarder agent are vulnerable to a SSL/TLS security issue called the FREAK attack. This allows an attacker to intercept communication and access secure data. Users...

7.5CVSS7.4AI score0.02462EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/22 12:0 a.m.•16 views

sox -- memory corruption vulnerabilities

Michele Spagnuolo, Google Security Team, reports: The write heap buffer overflows are related to ADPCM handling in WAV files, while the read heap buffer overflow is while opening a .VOC...

1.6AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/21 12:0 a.m.•47 views

FreeBSD -- Resource exhaustion due to sessions stuck in LAST_ACK state

Problem Description: TCP connections transitioning to the LASTACK state can become permanently stuck due to mishandling of protocol state in certain situations, which in turn can lead to accumulated consumption and eventual exhaustion of system resources, such as mbufs and sockets. Impact: An...

7.1CVSS5.8AI score0.02624EPSS
Exploits0
FreeBSD
FreeBSD
•added 2015/07/21 12:0 a.m.•37 views

shibboleth-sp -- DoS vulnerability

Shibboleth consortium reports: Shibboleth SP software crashes on well-formed but invalid XML. The Service Provider software contains a code path with an uncaught exception that can be triggered by an unauthenticated attacker by supplying well-formed but schema-invalid XML in the form of SAML...

4CVSS6.6AI score0.0195EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/21 12:0 a.m.•131 views

OpenSSH -- MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices

It was discovered that the OpenSSH sshd daemon did not check the list of keyboard-interactive authentication methods for duplicates. A remote attacker could use this flaw to bypass the MaxAuthTries limit, making it easier to perform password guessing attacks...

8.5CVSS6.6AI score0.09302EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2015/07/21 12:0 a.m.•49 views

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 43 security fixes in this release, including: 446032 High CVE-2015-1271: Heap-buffer-overflow in pdfium. Credit to cloudfuzzer. 459215 High CVE-2015-1273: Heap-buffer-overflow in pdfium. Credit to makosoft. 461858 High CVE-2015-1274: Settings allowed executable fil...

9.8CVSS8.5AI score0.19069EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2015/07/21 12:0 a.m.•32 views

bind -- denial of service vulnerability

ISC reports: An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit...

7.8CVSS7.7AI score0.91284EPSS
Exploits12References1
FreeBSD
FreeBSD
•added 2015/07/20 12:0 a.m.•20 views

gnutls -- double free in certificate DN decoding

gnutls.org reports: Kurt Roeckx reported that decoding a specific certificate with very long DistinguishedName DN entries leads to double free, which may result to a denial of service. Since the DN decoding occurs in almost all applications using certificates it is recommended to upgrade the late...

5CVSS7.3AI score0.1903EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/07/16 12:0 a.m.•40 views

elasticsearch -- directory traversal attack via snapshot API

Elastic reports: Vulnerability Summary: Elasticsearch versions from 1.0.0 to 1.6.0 are vulnerable to a directory traversal attack. Remediation Summary: Users should upgrade to 1.6.1 or later, or constrain access to the snapshot API to trusted sources...

5CVSS9.1AI score0.9175EPSS
Exploits7References1
FreeBSD
FreeBSD
•added 2015/07/16 12:0 a.m.•59 views

elasticsearch -- remote code execution via transport protocol

Elastic reports: Vulnerability Summary: Elasticsearch versions prior to 1.6.1 are vulnerable to an attack that can result in remote code execution. Remediation Summary: Users should upgrade to 1.6.1 or 1.7.0. Alternately, ensure that only trusted applications have access to the transport protocol...

9.8CVSS9.4AI score0.14863EPSS
Exploits2References1
FreeBSD
FreeBSD
•added 2015/07/15 12:0 a.m.•9 views

codeigniter -- mysql database driver vulnerability

The CodeIgniter changelog reports: Security: Removed a fallback to mysqlescapestring in the mysql database driver escapestr method when there's no active database connection...

1.4AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/12 12:0 a.m.•35 views

gdk-pixbuf2 -- heap overflow and DoS

Gustavo Grieco reports: We found a heap overflow and a DoS in the gdk-pixbuf implementation triggered by the scaling of a malformed bmp...

6.8CVSS7.8AI score0.084EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/12 12:0 a.m.•42 views

cacti -- Multiple XSS and SQL injection vulnerabilities

The Cacti Group, Inc. reports: Important Security Fixes Multiple XSS and SQL injection vulnerabilities CVE-2015-4634 - SQL injection in graphs.php Changelog bug: Fixed various SQL Injection vectors bug0002574: SQL Injection Vulnerabilities in graph items and graph template items bug0002577:...

7.5CVSS9.4AI score0.02178EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2015/07/12 12:0 a.m.•29 views

devel/ipython -- CSRF possible remote execution vulnerability

Kyle Kelley reports: Summary: POST requests exposed via the IPython REST API are vulnerable to cross-site request forgery CSRF. Web pages on different domains can make non-AJAX POST requests to known IPython URLs, and IPython will honor them. The user's browser will automatically send IPython...

8.8CVSS7.3AI score0.01201EPSS
Exploits1References2
FreeBSD
FreeBSD
•added 2015/07/12 12:0 a.m.•19 views

gdk-pixbuf2 -- heap overflow and DoS affecting Firefox and other programs

[email protected] reports: We found a heap overflow and a DoS in the gdk-pixbuf implementation triggered by the scaling of a malformed bmp...

1.2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/10 12:0 a.m.•36 views

Adobe Flash Player -- critical vulnerabilities

Adobe reports: Critical vulnerabilities CVE-2015-5122, CVE-2015-5123 have been identified. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. Adobe is aware of reports that exploits targeting these vulnerabilities have been...

10CVSS6.7AI score0.93688EPSS
Exploits5References1
FreeBSD
FreeBSD
•added 2015/07/09 12:0 a.m.•38 views

groovy -- remote execution of untrusted code

Cédric Champeau reports: Description When an application has Groovy on the classpath and that it uses standard Java serialization mechanism to communicate between servers, or to store local data, it is possible for an attacker to bake a special serialized object that will execute code directly wh...

9.8CVSS9.2AI score0.42983EPSS
Exploits4References3
FreeBSD
FreeBSD
•added 2015/07/09 12:0 a.m.•36 views

openssl -- alternate chains certificate forgery vulnerability

OpenSSL reports: During certificate verification, OpenSSL starting from version 1.0.1n and 1.0.2b will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain chec...

6.5CVSS6.8AI score0.61798EPSS
Exploits6References1
FreeBSD
FreeBSD
•added 2015/07/08 12:0 a.m.•21 views

KeePassX -- information disclosure

Yves-Alexis Perez reports: Starting an export using File / Export to / KeepassX XML file and cancelling it leads to KeepassX saving a cleartext XML file in /.xml without any warning...

7.5CVSS7.4AI score0.0119EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/08 12:0 a.m.•35 views

wpa_supplicant -- WPS_NFC option payload length validation vulnerability

Jouni Malinen reports: Incomplete WPS and P2P NFC NDEF record payload length validation. 2015-5...

5CVSS7.1AI score0.03409EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/07 12:0 a.m.•34 views

bind -- denial of service vulnerability

ISC reports: A very uncommon combination of zone data has been found that triggers a bug in BIND, with the result that named will exit with a "REQUIRE" failure in name.c when validating the data returned in answer to a recursive query. A recursive resolver that is performing DNSSEC validation can...

7.8CVSS8.3AI score0.37872EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/07 12:0 a.m.•40 views

Adobe Flash Player -- critical vulnerabilities

Adobe reports: Adobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit targeting CVE-2015-5119 has been publicly published...

10CVSS6.6AI score0.99344EPSS
Exploits6References1
FreeBSD
FreeBSD
•added 2015/07/07 12:0 a.m.•27 views

xen-tools -- xl command line config handling stack overflow

The Xen Project reports: The xl command line utility mishandles long configuration values when passed as command line arguments, with a buffer overrun. A semi-trusted guest administrator or controller, who is intended to be able to partially control the configuration settings for a domain, can...

6.8CVSS7.9AI score0.00394EPSS
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/06 12:0 a.m.•35 views

moodle -- multiple vulnerabilities

Marina Glancy reports: MSA-15-0026: Possible phishing when redirecting to external site using referer header. CVE-2015-3272 MSA-15-0027: Capability 'mod/forum:canposttomygroups' is not respected when using 'Post a copy to all groups' in forum CVE-2015-3273 MSA-15-0028: Possible XSS through custom...

7.4CVSS5.9AI score0.01849EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2015/07/06 12:0 a.m.•22 views

freexl -- integer overflow

Stefan Cornelius reports: There's an integer overflow in the allocatecells function when trying to allocate the memory for worksheet with specially crafted row/column dimensions. This can be exploited to cause a heap memory corruption. The most likely outcome of this is a crash when trying to...

2.2AI score
Exploits0References1
FreeBSD
FreeBSD
•added 2015/07/06 12:0 a.m.•24 views

squid -- Improper Protection of Alternate Path with CONNECT requests

Squid security advisory 2015:2 reports: Squid configured with cachepeer and operating on explicit proxy traffic does not correctly handle CONNECT method peer responses. The bug is important because it allows remote clients to bypass security in an explicit gateway proxy. However, the bug is...

6.8CVSS8.5AI score0.16525EPSS
Exploits1References1
FreeBSD
FreeBSD
•added 2015/07/03 12:0 a.m.•30 views

node, iojs, and v8 -- denial of service

node reports: This release of Node.js fixes a bug that triggers an out-of-band write in V8's utf-8 decoder. This bug impacts all Buffer to String conversions. This is an important security update as this bug can be used to cause a denial of service attack...

7.5CVSS6.2AI score0.02995EPSS
Exploits0References4
FreeBSD
FreeBSD
•added 2015/07/03 12:0 a.m.•38 views

cups-filters -- texttopdf integer overflow

Stefan Cornelius from Red Hat reports: An integer overflow flaw leading to a heap-based buffer overflow was discovered in the way the texttopdf utility of cups-filter processed print jobs with a specially crafted line size. An attacker being able to submit print jobs could exploit this flaw to...

7.5CVSS8.5AI score0.08295EPSS
Exploits0References3
FreeBSD
FreeBSD
•added 2015/07/02 12:0 a.m.•36 views

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2015-59 Miscellaneous memory safety hazards rv:39.0 / rv:31.8 / rv:38.1 MFSA 2015-60 Local files or privileged URLs in pages can be opened into new tabs MFSA 2015-61 Type confusion in Indexed Database Manager MFSA 2015-62 Out-of-bound read while computing an...

10CVSS6.5AI score0.9986EPSS
Exploits2References13
Total number of security vulnerabilities6585