FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6f15730d-94ea-11e9-a83e-641c67a117d8znc -- privilege escalation

Mitre reports:

Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name.


Discovery 2019-06-13
Entry 2019-06-22
znc
< 1.7.4

CVE-2019-12816
https://wiki.znc.in/ChangeLog/1.7.4
c6d1a8a6-8a91-11e8-be4d-005056925db4znc -- multiple vulnerabilities

Mitre reports:

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf.

ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories.


Discovery 2018-07-14
Entry 2018-07-18
znc
< 1.7.1

CVE-2018-14055
CVE-2018-14056
https://wiki.znc.in/ChangeLog/1.7.1
19751e06-c798-11e2-a373-000c29833058znc -- null pointer dereference in webadmin module

No advisory has been released yet.

Fix NULL pointer dereference in webadmin.


Discovery 2013-05-27
Entry 2013-05-28
znc
< 1.0_1

https://github.com/znc/znc/commit/2bd410ee5570cea127233f1133ea22f25174eb28
b22d6d4c-53b9-11e9-9310-28d244aee256znc -- Denial of Service

Mitre reports:

ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding.


Discovery 2019-03-21
Entry 2019-03-31
znc
< 1.7.3

CVE-2019-9917
https://wiki.znc.in/ChangeLog/1.7.3