Common Problems

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: yamt — buffer overflow and directory traversal issues Related CVEs: CVE-2004-1302 CVE-2005-1846 CVE-2005-1847 Upstream summary: Stanislav Brabec discovered errors in yamt's path name handling that lead to buffer overflows and […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: helvis — arbitrary file deletion problem Related CVEs: CVE-2005-0118 CVE-2005-0119 CVE-2005-0120 Upstream summary: The setuid root elvprsv utility, used to preserve recovery helvis files, can be abused by local users […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: exim — local privilege escalation Related CVEs: CVE-2005-0021 CVE-2005-0022 CVE-2011-0017 Upstream summary: exim.org reports: CVE-2011-0017 – check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the Exim […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: amaya — multiple buffer overflow vulnerabilities Related CVEs: CVE-2006-1900 CVE-2008-5282 CVE-2009-0323 Upstream summary: Secunia reports: A boundary error when processing "div" HTML tags can be exploited to cause a stack-based […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: vlc — arbitrary code execution in the RealMedia processor Related CVEs: CVE-2008-5032 CVE-2008-5036 CVE-2008-5276 Upstream summary: Tobias Klein from TrapKit reports: The VLC media player contains an integer overflow vulnerability […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: dnsdist — Denial of service via crafted DoH exchange Related CVEs: CVE-2024-1622 CVE-2025-30194 Upstream summary: [email protected] reports: When DNSdist is configured to provide DoH via the nghttp2provider, an attacker can […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2011-0708 CVE-2011-4566 CVE-2011-4885 Upstream summary: php development team reports: Security Enhancements and Fixes in PHP 5.3.9: Added max_input_vars directive to prevent attacks based on […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mod_pagespeed — critical cross-site scripting (XSS) vulnerability Related CVEs: CVE-2012-4001 CVE-2012-4360 CVE-2013-6111 Upstream summary: mod_pagespeed developers report: Various versions of mod_pagespeed are subject to critical cross-site scripting (XSS) vulnerability, CVE-2013-6111. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: sqlite — integer overflow Related CVEs: CVE-2025-3277 CVE-2025-6965 Upstream summary: [email protected] reports: An integer overflow can be triggered in SQLites `concat_ws()` function. The resulting, truncated integer is then used to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-httpx — input validation vulnerability Related CVEs: CVE-2021-41945 Upstream summary: lebr0nli reports: Encode OSS httpx <=1.0.0.beta0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`. […]