Common Problems

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pear-XML_RPC — remote PHP code injection vulnerability Related CVEs: CVE-2005-2498 Upstream summary: A Hardened-PHP Project Security Advisory reports: When the library parses XMLRPC requests/responses, it constructs a string of PHP […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: wu-ftpd — remote globbing DoS vulnerability Related CVEs: CVE-2004-0148 CVE-2005-0256 Upstream summary: An iDEFENSE Security Advisory reports: Remote exploitation of an input validation vulnerability in version 2.6.2 of WU-FPTD could […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-treq — sensitive information leak vulnerability Related CVEs: CVE-2022-23607 Upstream summary: Treq's request methods (`treq.get`, `treq.post`, `HTTPClient.request`, `HTTPClient.get`, etc.) accept cookies as a dictionary. Such cookies are not bound to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: sqlite — integer overflow Related CVEs: CVE-2025-3277 CVE-2025-6965 Upstream summary: [email protected] reports: An integer overflow can be triggered in SQLites `concat_ws()` function. The resulting, truncated integer is then used to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: wget — multiple vulnerabilities Related CVEs: CVE-2004-1487 CVE-2004-1488 Upstream summary: Jan Minar reports that there exists multiple vulnerabilities in wget: Wget erroneously thinks that the current directory is a fair […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xtrlock — xtrlock does not block multitouch events Related CVEs: CVE-2005-0079 CVE-2016-10894 Upstream summary: Debian reports: xtrlock did not block multitouch events so an attacker could still input and thus […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-flask-security — user redirect to arbitrary URL vulnerability Related CVEs: CVE-2021-23385 Upstream summary: Snyk reports: This affects all versions of package Flask-Security. When using the `get_post_logout_redirect` and `get_post_login_redirect` functions, it […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rsnapshot — local privilege escalation Related CVEs: CVE-2005-1064 Upstream summary: An rsnapshot Advisory reports: The copy_symlink() subroutine in rsnapshot incorrectly changes file ownership on the files pointed to by symlinks, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xpm — image decoding vulnerabilities Related CVEs: CVE-2004-0687 CVE-2004-0688 Upstream summary: Chris Evans discovered several vulnerabilities in the libXpm image decoder: A stack-based buffer overflow in xpmParseColors An integer overflow […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Sane — Multiple Vulnerabilities Related CVEs: CVE-2020-12861 CVE-2020-12862 CVE-2020-12863 CVE-2020-12864 CVE-2020-12865 CVE-2020-12866 CVE-2020-12867 Upstream summary: The Sane Project reports: epson2: fixes CVE-2020-12867 (GHSL-2020-075) and several memory management issues found while […]