FreeBSD, NetBSD Security Vulnerabilities

zdi

NetBSD Kernel stat System Call Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of NetBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the stat...

4.9AI Score

2022-01-14 12:00 AM
5
kitploit

Onionservice - Manage Your Onion Services Via CLI Or TUI On Unix-like Operating System With A POSIX Compliant Shell

Feature-rich Onion Service manager for UNIX-like operating systems written in POSIX conformant shellscript A collection of Onion Services features implemented for Unix-like systems following the Portable Operating System Interface standard. WARNING: do not trust this repo yet, backup your hs keys.....

-0.2AI Score

2021-12-26 11:30 AM
21
cve

CVE-2021-45489

In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic...

7.5CVSS

7.5AI Score

0.001EPSS

2021-12-25 02:15 AM
36
nvd

CVE-2021-45489

In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic...

7.5CVSS

0.001EPSS

2021-12-25 02:15 AM
1
prion

Code injection

In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic...

7.5CVSS

7.5AI Score

0.001EPSS

2021-12-25 02:15 AM
7
cvelist

CVE-2021-45484

In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic...

7.7AI Score

0.002EPSS

2021-12-25 01:05 AM
1
cvelist

CVE-2021-45487

In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic...

7.8AI Score

0.002EPSS

2021-12-25 01:04 AM
cvelist

CVE-2021-45488

In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation...

7.6AI Score

0.001EPSS

2021-12-25 01:03 AM
1
cvelist

CVE-2021-45489

In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic...

7.7AI Score

0.001EPSS

2021-12-25 01:03 AM
1
hackerone

PlayStation: Remote kernel heap overflow

Summary The PlayStation has a kernel PPPoE driver, that originates from NetBSD. This driver has a kernel heap overflow vulnerability, that an attacker can remotely trigger over the LAN, with the ability to control both the contents that are overflown and their sizes. Technical Details PPPoE...

0.3AI Score

EPSS

2021-09-24 06:00 PM
11
cve

CVE-2020-21048

An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG...

6.5CVSS

6.1AI Score

0.003EPSS

2021-09-14 04:15 PM
27
cve

CVE-2020-21050

Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at...

6.5CVSS

6.6AI Score

0.002EPSS

2021-09-14 04:15 PM
32
2
nvd

CVE-2020-21048

An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG...

6.5CVSS

0.003EPSS

2021-09-14 04:15 PM
cve

CVE-2020-21049

An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD...

6.5CVSS

6.1AI Score

0.003EPSS

2021-09-14 04:15 PM
29
nvd

CVE-2020-21049

An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD...

6.5CVSS

0.003EPSS

2021-09-14 04:15 PM
2
nvd

CVE-2020-21050

Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at...

6.5CVSS

0.002EPSS

2021-09-14 04:15 PM
prion

Stack overflow

Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at...

6.5CVSS

6.6AI Score

0.002EPSS

2021-09-14 04:15 PM
3
prion

Code injection

An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD...

6.5CVSS

6.1AI Score

0.003EPSS

2021-09-14 04:15 PM
4
prion

Denial of service

An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG...

6.5CVSS

6.1AI Score

0.003EPSS

2021-09-14 04:15 PM
5
cvelist

CVE-2020-21050

Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at...

6.6AI Score

0.002EPSS

2021-09-14 03:09 PM
cvelist

CVE-2020-21049

An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD...

6.1AI Score

0.003EPSS

2021-09-14 03:09 PM
cvelist

CVE-2020-21048

An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG...

6.1AI Score

0.003EPSS

2021-09-14 03:09 PM
ubuntucve

CVE-2020-21048

An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG...

6.5CVSS

5.9AI Score

0.003EPSS

2021-09-14 12:00 AM
18
ubuntucve

CVE-2020-21050

Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at...

6.5CVSS

6.6AI Score

0.002EPSS

2021-09-14 12:00 AM
14
ubuntucve

CVE-2020-21049

An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD...

6.5CVSS

5.9AI Score

0.003EPSS

2021-09-14 12:00 AM
12
cnvd

Tuxera NTFS-3G out-of-bounds read vulnerability (CNVD-2021-72262)

NTFS-3G is a stable, full-featured, read-write NTFS driver for Linux, Android, Mac OS X, FreeBSD, NetBSD, OpenSolaris, QNX, Haiku, and other operating systems. ntfs_ie_lookup in NTFS-3G versions prior to 2021.8.22 is vulnerable to an out-of-bounds read. An attacker can exploit this...

7.8CVSS

4.5AI Score

0.0004EPSS

2021-09-08 12:00 AM
10
cnvd

Tuxera NTFS-3G out-of-bounds read vulnerability

NTFS-3G is a stable, full-featured, read-write NTFS driver for Linux, Android, Mac OS X, FreeBSD, NetBSD, OpenSolaris, QNX, Haiku, and other operating systems. NTFS-3G versions prior to 2021.8.22 are vulnerable to an out-of-bounds read vulnerability. The vulnerability stems from an invalid...

7.8CVSS

4.7AI Score

0.0004EPSS

2021-09-08 12:00 AM
9
cnvd

Tuxera NTFS-3G integer overflow vulnerability

NTFS-3G is a stable, full-featured, read-write NTFS driver for Linux, Android, Mac OS X, FreeBSD, NetBSD, OpenSolaris, QNX, Haiku, and other operating systems. memmove in NTFS-3G versions prior to 2021.8.22 is vulnerable to an integer overflow. An attacker can exploit this vulnerability....

7.8CVSS

5.9AI Score

0.001EPSS

2021-09-08 12:00 AM
9
cnvd

Tuxera NTFS-3G null pointer dereference vulnerability

NTFS-3G is a stable, full-featured, read/write NTFS driver for Linux, Android, Mac OS X, FreeBSD, NetBSD, OpenSolaris, QNX, Haiku, and other operating systems. ntfs_extent_inode_open is vulnerable to a null pointer dereference. An attacker could exploit the vulnerability to cause null pointer...

7.8CVSS

2.8AI Score

0.0004EPSS

2021-09-08 12:00 AM
3
cnvd

Tuxera NTFS-3G out-of-bounds read vulnerability (CNVD-2021-72263)

NTFS-3G is a stable, full-featured, read/write NTFS driver for Linux, Android, Mac OS X, FreeBSD, NetBSD, OpenSolaris, QNX, Haiku, and other operating systems. ntfs_runlists_merge_i in versions prior to NTFS-3G 2021.8.22 is vulnerable to an out-of-bounds read. runlists_merge_i is vulnerable to...

7.8CVSS

4.7AI Score

0.0004EPSS

2021-09-08 12:00 AM
8
d0znpp

15 Must-Have Tools for Penetration Testing in 2021⚙️

Do you require the best web entrance testing apparatuses? In this piece, we’ll be investigating data about entrance and the absolute best infiltration testing devices that you can approach.‍ What is Penetration Testing? Penetration, Security, Infiltration or Entrance testing is a type of safety...

-0.3AI Score

2021-08-30 09:10 AM
53
kitploit

The-Bastion - Authentication, Authorization, Traceability And Auditability For SSH Accesses

Bastions are a cluster of machines used as the unique entry point by operational teams (such as sysadmins, developers, database admins, ...) to securely connect to devices (servers, virtual machines, cloud instances, network equipment, ...), usually using ssh. Bastions provides mechanisms for...

7.9AI Score

2021-07-10 12:30 PM
98
hackerone

Internet Bug Bounty: Fragmentation and Aggregation Flaws in Wi-Fi

I discovered three design flaws in the Wi-Fi standard and widespread related implementation flaws (see GitHub overview and test tool). Here I'll specifically cover open source software. These findings have not received bug bounties from other sources. Implementation flaws allowing trivial packet...

6.5CVSS

7.6AI Score

0.002EPSS

2021-06-19 09:24 PM
238
malwarebytes

FragAttack: New Wi-Fi vulnerabilities that affect… basically everything

A new set of vulnerabilities with an aggressive name and their own website almost always bodes ill. The name FragAttack is a contraction of fragmentation and aggregation attacks, which immediately indicates the main area where the vulnerabilities were found. The vulnerabilities are mostly in how...

7.5CVSS

-0.1AI Score

0.002EPSS

2021-05-12 05:31 PM
420
nvd

CVE-2020-26139

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients...

5.3CVSS

0.002EPSS

2021-05-11 08:15 PM
1
debiancve

CVE-2020-26139

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients...

5.3CVSS

6.6AI Score

0.002EPSS

2021-05-11 08:15 PM
30
cve

CVE-2020-26139

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients...

5.3CVSS

6.5AI Score

0.002EPSS

2021-05-11 08:15 PM
271
5
prion

Code injection

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients...

5.3CVSS

6.1AI Score

0.002EPSS

2021-05-11 08:15 PM
7
cvelist

CVE-2020-26139

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients...

6.8AI Score

0.002EPSS

2021-05-11 07:37 PM
ubuntucve

CVE-2020-26139

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients...

5.3CVSS

6.6AI Score

0.002EPSS

2021-05-11 12:00 AM
26
kitploit

UAC - Unix-like Artifacts Collector

UAC is a Live Response collection tool for Incident Response that makes use of built-in tools to automate the collection of Unix-like systems artifacts. It respects the order of volatility and artifacts that are changed during the execution. It was created to facilitate and speed up data...

7.2AI Score

2021-04-05 09:30 PM
29
debian

[SECURITY] [DLA 2592-1] golang-1.8 security update

Debian LTS Advisory DLA-2592-1 https://www.debian.org/lts/security/ Sylvain Beucler March 13, 2021 https://wiki.debian.org/LTS Package : golang-1.8 Version : 1.8.1-1+deb9u3 CVE ID ...

9.8CVSS

9.3AI Score

0.331EPSS

2021-03-13 06:37 PM
51
debian

[SECURITY] [DLA 2591-1] golang-1.7 security update

Debian LTS Advisory DLA-2591-1 https://www.debian.org/lts/security/ Sylvain Beucler March 13, 2021 https://wiki.debian.org/LTS Package : golang-1.7 Version : 1.7.4-2+deb9u3 CVE ID ...

9.8CVSS

9.3AI Score

0.331EPSS

2021-03-13 06:37 PM
76
nessus

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-1246)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can...

8.8CVSS

8.4AI Score

0.004EPSS

2021-02-05 12:00 AM
18
cert

Sudo set_cmd() is vulnerable to heap-based buffer overflow

Overview A heap-based overflow has been discovered in the set_cmd() function in sudo, which may allow a local attacker to execute commands with elevated administrator privileges. Description From the Sudo Main Page: Sudo (su "do") allows a system administrator to delegate authority to give...

7.8CVSS

8.4AI Score

0.97EPSS

2021-02-04 12:00 AM
110
nessus

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9023)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9023 advisory. An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread....

8.8CVSS

8.1AI Score

0.004EPSS

2021-01-30 12:00 AM
59
freebsd

FreeBSD -- Xen guests can trigger backend Out Of Memory

Problem Description: Some OSes (including Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbound, a guest may be able to trigger a OOM in the...

6.5CVSS

0.8AI Score

0.0004EPSS

2021-01-29 12:00 AM
70
freebsd_advisory

FreeBSD-SA-21:02.xenoom

FreeBSD-SA-21:02.xenoom Security Advisory The FreeBSD Project Topic: Xen guests can trigger backend Out Of Memory Category: contrib Module: Xen Announced: 2021-01-29...

6.5CVSS

AI Score

0.0004EPSS

2021-01-29 12:00 AM
amazon

Important: kernel

Issue Overview: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c,...

8.8CVSS

7.4AI Score

0.001EPSS

2021-01-26 12:11 AM
51
nessus

Amazon Linux AMI : kernel (ALAS-2021-1477)

The version of kernel installed on the remote host is prior to 4.14.214-118.339. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1477 advisory. In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then...

8.8CVSS

7.7AI Score

0.001EPSS

2021-01-26 12:00 AM
47
Total number of security vulnerabilities: 2307