FreeBSD Local Security Checks Family for Nessus

IDNameSeverity
242080FreeBSD : GnuTLS -- multiple vulnerabilities (c3e1df74-5e73-11f0-95e5-74563cf9e4e9)
medium
242079FreeBSD : liboqs -- Secret-dependent branching in HQC (aeac223e-60e1-11f0-8baa-8447094a420f)
medium
242030FreeBSD : libxml2 -- multiple vulnerabilities (abbc8912-5efa-11f0-ae84-99047d0a6bcc)
low
242029FreeBSD : libxslt -- unmaintained, with multiple unfixed vulnerabilities (b0a3466f-5efc-11f0-ae84-99047d0a6bcc)
high
242028FreeBSD : Apache httpd -- Multiple vulnerabilities (342f2a0a-5e9b-11f0-8baa-8447094a420f)
high
242027FreeBSD : mod_http2 -- Multiple vulnerabilities (61d74f80-5e9e-11f0-8baa-8447094a420f)
high
242005FreeBSD : Apache Tomcat -- Multiple Vulnerabilities (ef87346f-5dd0-11f0-beb2-ac5afc632ba3)
high
241713FreeBSD : Gitlab -- vulnerabilities (20823cc0-5d45-11f0-966e-2cf05da270f3)
high
241648FreeBSD : ModSecurity -- empty XML tag causes segmentation fault (c0f3f54c-5bc4-11f0-834f-b42e991fc52e)
medium
241647FreeBSD : MongoDB -- may be susceptible to privilege escalation due to $mergeCursors stage (77dc1fc4-5bc5-11f0-834f-b42e991fc52e)
high
241646FreeBSD : MongoDB -- Incomplete Redaction of Sensitive Information in MongoDB Server Logs (72ddee1f-5bc5-11f0-834f-b42e991fc52e)
medium
241645FreeBSD : MongoDB -- Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections (79251dc8-5bc5-11f0-834f-b42e991fc52e)
high
241644FreeBSD : git -- multiple vulnerabilities (2a4472ed-5c0d-11f0-b991-291fce777db8)
high
241643FreeBSD : MongoDB -- may be susceptible to DoS due to Accumulated Memory Allocation (764204eb-5bc5-11f0-834f-b42e991fc52e)
medium
241491FreeBSD : FreeBSD -- Use-after-free in multi-threaded xz decoder (7642ba72-5abf-11f0-87ba-002590c1f29c)
high
241490FreeBSD : redis,valkey -- {redis,valkey}-check-aof may lead to stack overflow and potential RCE (4ea9cbc3-5b28-11f0-b507-000c295725e4)
medium
241489FreeBSD : redis,valkey -- DoS Vulnerability due to bad connection error handling (7b3e7f71-5b30-11f0-b507-000c295725e4)
high
241488FreeBSD : redis,valkey -- Out of bounds write in hyperloglog commands leads to RCE (f11d0a69-5b2d-11f0-b507-000c295725e4)
high
241425FreeBSD : firefox -- multiple vulnerabilities (a55d2120-58cf-11f0-b4ad-b42e991fc52e)
critical
241424FreeBSD : Mozilla -- persistent UUID that identifies browser (9320590b-58cf-11f0-b4ad-b42e991fc52e)
medium
241423FreeBSD : firefox -- multiple vulnerabilities (9bad6f79-58cf-11f0-b4ad-b42e991fc52e)
medium
241387FreeBSD : gstreamer1-plugins-bad -- stack buffer overflow in H.266 video parser (69bfe2a4-5a39-11f0-8792-4ccc6adda413)
critical
241331FreeBSD : Mozilla -- exploitable crash (bab7386a-582f-11f0-97d0-b42e991fc52e)
critical
241330FreeBSD : php -- Multiple vulnerabilities (d607b12c-5821-11f0-ab92-f02f7497ecda)
high
241209FreeBSD : chromium -- multiple security fixes (9c91e1f8-f255-4b57-babe-2e385558f1dc)
medium
241208FreeBSD : chromium -- multiple security fixes (5c777f88-40ff-4e1e-884b-ad63dfb9bb15)
high
241127FreeBSD : xorg server -- Multiple vulnerabilities (8df49466-5664-11f0-943a-18c04d5ea3dc)
high
241126FreeBSD : xorg server -- Multiple vulnerabilities (b14cabf7-5663-11f0-943a-18c04d5ea3dc)
medium
241125FreeBSD : sudo -- privilege escalation vulnerability through host and chroot options (24f4b495-56a1-11f0-9621-93abbef07693)
critical
240957FreeBSD : podman -- TLS connection used to pull VM images was not validated (6b1b8989-55b0-11f0-ac64-589cfc10a551)
high
240653FreeBSD : MongoDB -- Pre-Authentication Denial of Service Vulnerability in MongoDB Server's OIDC Authentication (5b87eef6-52aa-11f0-b522-b42e991fc52e)
high
240652FreeBSD : Gitlab -- Vulnerabilities (d45dabd9-5232-11f0-9ca4-2cf05da270f3)
medium
240651FreeBSD : MongoDB -- Pre-authentication Denial of Service Stack Overflow Vulnerability in JSON Parsing via Excessive Recursion in MongoDB (59ed4b19-52aa-11f0-b522-b42e991fc52e)
high
240650FreeBSD : MongoDB -- Race condition in privilege cache invalidation cycle (5cd2bd2b-52aa-11f0-b522-b42e991fc52e)
medium
240649FreeBSD : MongoDB -- Running certain aggregation operations with the SBE engine may lead to unexpected behavior (5e64770c-52aa-11f0-b522-b42e991fc52e)
medium
240648FreeBSD : kanboard -- Password Reset Poisoning via Host Header Injection (e26608ff-5266-11f0-b522-b42e991fc52e)
high
240277FreeBSD : cisco -- OpenH264 Decoding Functions Heap Overflow Vulnerability (03ba1cdd-4faf-11f0-af06-00a098b42aeb)
high
240230FreeBSD : clamav -- ClamAV PDF Scanning Buffer Overflow Vulnerability (3dcc0812-4da5-11f0-afcc-f02f7432cf97)
critical
240229FreeBSD : clamav -- ClamAV UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability (6c6c1507-4da5-11f0-afcc-f02f7432cf97)
medium
240209FreeBSD : Yelp -- arbitrary file read (0e200a73-289a-489e-b405-40b997911036)
high
240208FreeBSD : Yelp -- arbitrary file read (9449f018-84a3-490d-959f-38c05fbc77a7)
high
240188FreeBSD : Navidrome -- SQL Injection via role parameter (fc2d2fb8-4c83-11f0-8deb-f8f21e52f724)
critical
240187FreeBSD : Grafana -- DingDing contact points exposed in Grafana Alerting (6548cb01-4c33-11f0-8a97-6c3be5272acd)
high
240186FreeBSD : chromium -- multiple security fixes (333b4663-4cde-11f0-8cb5-a8a1599412c6)
high
240167FreeBSD : Firefox -- Multiple vulnerabilities (b704d4b8-4b87-11f0-9605-b42e991fc52e)
critical
240123FreeBSD : chromium -- multiple security fixes (e3d6d485-c93c-4ada-90b3-09f1c454fb8a)
high
240122FreeBSD : chromium -- multiple security fixes (4323e86c-2422-4fd7-8c8f-ec71c81ea7dd)
high
240057FreeBSD : Mozilla -- control access bypass (201cccc1-4a01-11f0-b0f8-b42e991fc52e)
high
238476FreeBSD : webmin -- CGI Command Injection Remote Code Execution (805ad2e0-49da-11f0-87e8-bcaec55be5e5)
critical
238441FreeBSD : Gitlab -- Vulnerabilities (ae028662-475e-11f0-9ca4-2cf05da270f3)
high