BSD

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ModSecurity — empty XML tag causes segmentation fault Related CVEs: CVE-2025-47947 CVE-2025-48866 CVE-2025-52891 Upstream summary: [email protected] reports: ModSecurity is an open source, cross platform web application firewall (WAF) engine for […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: raptor2 — malformed input file can lead to a segfault Related CVEs: CVE-2012-0037 CVE-2017-18926 Upstream summary: Redland Issue Tracker reports: due to an out of bounds array access in raptor_xml_writer_start_element_common. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: security/shibboleth-idp — CAS service SSRF Upstream summary: Shibboleth Developers report: The Identity Provider's CAS support relies on a function in the Spring Framework to parse CAS service URLs and append […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lrzsz — Integer overflow in zmodem, crash and information leak Related CVEs: CVE-2018-10195 Upstream summary: [email protected] reports: Lrzsz has an integer overflow vulernability in the src/zm.c:zsdata() function. An attacker could […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pglogical — shell command injection in pglogical.create_subscription() Related CVEs: CVE-2021-3515 Upstream summary: 2ndQuadrant reports: Fix pg_dump/pg_restore execution (CVE-2021-3515) Correctly escape the connection string for both pg_dump and pg_restore so that […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: aiohttp — open redirect vulnerability Related CVEs: CVE-2021-21330 Upstream summary: Sviatoslav Sydorenko reports: Open redirect vulnerability — a maliciously crafted link to an aiohttp-based web-server could redirect the browser to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: aiohttp — open redirect vulnerability Related CVEs: CVE-2021-21330 Upstream summary: Sviatoslav Sydorenko reports: Open redirect vulnerability — a maliciously crafted link to an aiohttp-based web-server could redirect the browser to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mod_gnutls — Infinite Loop on request read timeout Related CVEs: CVE-2023-25824 Upstream summary: The mod_gnutls project reports: Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions from […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: smart_proxy_dynflow — authentication bypass vulnerability Related CVEs: CVE-2018-14643 Upstream summary: MITRE reports: An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. A malicious attacker can use […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tomcat — XSS vulnerability in sample applications Related CVEs: CVE-2005-2090 CVE-2007-0450 CVE-2007-1355 CVE-2007-1358 Upstream summary: The Apache Project reports: The JSP and Servlet included in the sample application within the […]