Detections
Analytics

FreeBSD Local Security Checks Family for Nessus

IDNameSeverity
134843FreeBSD : puppetserver and puppetdb -- Puppet Server and PuppetDB may leak sensitive information via metrics API (36def7ba-6d2b-11ea-b115-643150d3111d)
high
134723FreeBSD : FreeBSD -- Insufficient ixl(4) ioctl(2) privilege checking (b2b83761-6a09-11ea-92ab-00163e433440)
medium
134722FreeBSD : FreeBSD -- Kernel memory disclosure with nested jails (6b90acba-6a0a-11ea-92ab-00163e433440)
medium
134721FreeBSD : FreeBSD -- Insufficient oce(4) ioctl(2) privilege checking (3c10ccdf-6a09-11ea-92ab-00163e433440)
medium
134720FreeBSD : FreeBSD -- TCP IPv6 SYN cache kernel information disclosure (0e06013e-6a06-11ea-92ab-00163e433440)
medium
134719FreeBSD : FreeBSD -- Incorrect user-controlled pointer use in epair (0cc7e547-6a0a-11ea-92ab-00163e433440)
critical
134686FreeBSD : www/py-bleach -- multiple vulnerabilities (3d19c776-68e7-11ea-91db-0050562a4d7b)
high
134585FreeBSD : zeek -- potential denial of service issues (4ae135f7-85cd-4c32-ad94-358271b31f7f)
high
134467FreeBSD : Okular -- Local binary execution via action links (c3600a64-64ea-11ea-bdff-e0d55e2a8bf9)
high
134466FreeBSD : Gitlab -- Vulnerability (9a09eaa2-6448-11ea-abb7-001b217b3468)
high
134438FreeBSD : py-matrix-synapse -- users of single-sign-on are vulnerable to phishing (1afe9552-5ee3-11ea-9b6d-901b0e934d69)
high
134437FreeBSD : Django -- potential SQL injection vulnerability (1685144e-63ff-11ea-a93a-080027846a02)
high
134356FreeBSD : Node.js -- multiple vulnerabilities (0032400f-624f-11ea-b495-000d3ab229d6)
critical
134337FreeBSD : gitea -- multiple vulnerabilities (be088777-6085-11ea-8609-08002731610e)
high
134336FreeBSD : salt -- salt-api vulnerability (8c98e643-6008-11ea-af63-38d547003487)
critical
134335FreeBSD : Gitlab -- Multiple Vulnerabilities (62f2182c-5f7a-11ea-abb7-001b217b3468)
critical
134258FreeBSD : TiMidity++ -- Multiple vulnerabilities (d37407bd-5c5f-11ea-bb2a-8c164582fbac)
medium
134257FreeBSD : librsvg2 -- multiple vulnabilities (b66583ae-5aee-4cd5-bb31-b2d397f8b6b3)
medium
134256FreeBSD : ntp -- Multiple vulnerabilities (591a706b-5cdc-11ea-9a0a-206a8a720317)
high
134190FreeBSD : Solr -- multiple vulnerabilities (e59cb761-5ad8-11ea-abb7-001b217b3468)
high
133973FreeBSD : OpenSMTPd -- LPE and RCE in OpenSMTPD's default install (f0683976-5779-11ea-8a77-1c872ccb1e42)
critical
133972FreeBSD : Mbed TLS -- Side channel attack on ECDSA (b70b880f-5727-11ea-a2f3-001cc0382b2f)
medium
133971FreeBSD : OpenSMTPd -- Local information disclosure (76f1ce19-5749-11ea-bff8-c85b76ce9b5a)
medium
133970FreeBSD : OpenSMTPd -- LPE and RCE in OpenSMTPD's default install (40c75597-574a-11ea-bff8-c85b76ce9b5a)
critical
133969FreeBSD : Mbed TLS -- Cache attack against RSA key import in SGX (056ea107-5729-11ea-a2f3-001cc0382b2f)
high
133894FreeBSD : WeeChat -- Multiple vulnerabilities (8e3f1812-54d9-11ea-8d49-d4c9ef517024)
critical
133822FreeBSD : webkit-gtk3 -- Multiple vulnerabilities (1cb0af4e-d641-4f99-9432-297a89447a97)
high
133710FreeBSD : FreeBSD -- kernel stack data disclosure (6025d173-4279-11ea-b184-f8b156ac3ff9)
low
133709FreeBSD : FreeBSD -- Missing IPsec anti-replay window check (5797c807-4279-11ea-b184-f8b156ac3ff9)
critical
133708FreeBSD : FreeBSD -- libfetch buffer overflow (22b41bc5-4279-11ea-b184-f8b156ac3ff9)
critical
133707FreeBSD : Gitlab -- Vulnerability (1ece5591-4ea9-11ea-86f0-001b217b3468)
high
133662FreeBSD : grub2-bhyve -- multiple privilege escalations (9d6a48a7-4dad-11ea-8a1d-7085c25400ea)
high
133661FreeBSD : dovecot -- multiple vulnerabilities (74db0d02-b140-4c32-aac6-1f1e81e1ad30)
medium
133630FreeBSD : Flash Player -- arbitrary code execution (d460b640-4cdf-11ea-a59e-6451062f0f7a)
high
133629FreeBSD : libexif -- privilege escalation (00f30cba-4d23-11ea-86ba-641c67a117d8)
high
133589FreeBSD : NGINX -- HTTP request smuggling (c1202de8-4b29-11ea-9673-4c72b94353b5)
medium
133588FreeBSD : ksh93 -- certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (8b20d716-49df-11ea-9f7b-206a8a720317)
high
133537FreeBSD : clamav -- Denial-of-Service (DoS) vulnerability (e7bc2b99-485a-11ea-bff9-9c5c8e75236a)
high
133476FreeBSD : Django -- potential SQL injection vulnerability (5a45649a-4777-11ea-bdec-08002728f74c)
critical
133436FreeBSD : MariaDB -- Vulnerability in C API (cb0183bb-45f6-11ea-a1c7-b499baebfeaf)
medium
133435FreeBSD : spamassassin -- Nefarious rule configuration files can run system commands (c86bfee3-4441-11ea-8be3-54e1ad3d6335)
high
133434FreeBSD : Gitlab -- Multiple Vulnerabilities (c5bd9068-440f-11ea-9cdb-001b217b3468)
critical
133433FreeBSD : sudo -- Potential bypass of Runas user restrictions (b4e5f782-442d-11ea-9ba9-206a8a720317)
high
133432FreeBSD : libssh -- Unsanitized location in scp could lead to unwanted command execution (1e7fa41b-f6ca-4fe8-bd46-0e176b42b14f)
high
133380FreeBSD : spamassassin -- Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands with warnings (e3404a6e-4364-11ea-b643-206a8a720317)
high
133329FreeBSD : jenkins -- multiple vulnerabilities (a250539d-d1d4-4591-afd3-c8bdfac335d8)
high
133328FreeBSD : pkg -- vulnerability in libfetch (2af10639-4299-11ea-aab1-98fa9bfec35a)
critical
133327FreeBSD : OpenSMTPd -- critical LPE / RCE vulnerability (08f5c27d-4326-11ea-af8b-00155d0a0200)
critical
133245FreeBSD : webkit-gtk3 -- Multiple vulnerabilities (dc8cff4c-4063-11ea-8a94-3497f6939fdd)
high
133244FreeBSD : samba -- multiple vulnerabilities (5f0dd349-40a2-11ea-8d8c-005056a311d1)
medium