Common Problems

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tnftpd — Remote root Exploit Related CVEs: CVE-2004-0794 CVE-2006-6652 Upstream summary: The tnftpd port suffer from a remote stack overrun, which can lead to a root compromise. Table of contents […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ffmpeg — multiple vulnerabilities Related CVEs: CVE-2015-3395 CVE-2015-3417 CVE-2015-6818 CVE-2015-6819 CVE-2015-6820 CVE-2015-6821 CVE-2015-6822 CVE-2015-6823  +3 more Upstream summary: NVD reports: The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: postgresql — encoding based SQL injection Related CVEs: CVE-2005-0227 CVE-2005-0244 CVE-2005-0245 CVE-2005-0246 CVE-2005-0247 CVE-2006-2313 CVE-2006-2314 Upstream summary: The PostgreSQL development team reports: An attacker able to submit crafted strings to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: neon date parsing vulnerability Related CVEs: CVE-2004-0179 CVE-2004-0398 Upstream summary: Stefan Esser reports: A vulnerability within a libneon date parsing function could cause a heap overflow which could lead to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-strawberry-graphql — Multiple vulnerabilities Related CVEs: CVE-2026-35523 CVE-2026-35526 Upstream summary: The Strawberry GraphQL project reports: Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: isc-dhcpd — format string vulnerabilities Related CVEs: CVE-2004-1006 Upstream summary: The ISC DHCP programs are vulnerable to several format string vulnerabilities which may allow a remote attacker to execute arbitrary […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-treq — sensitive information leak vulnerability Related CVEs: CVE-2022-23607 Upstream summary: Treq's request methods (`treq.get`, `treq.post`, `HTTPClient.request`, `HTTPClient.get`, etc.) accept cookies as a dictionary. Such cookies are not bound to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-httpx — input validation vulnerability Related CVEs: CVE-2021-41945 Upstream summary: lebr0nli reports: Encode OSS httpx <=1.0.0.beta0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rails-html-sanitizer — possible XSS vulnerability Related CVEs: CVE-2015-7576 CVE-2015-7577 CVE-2015-7581 CVE-2016-0751 CVE-2016-0752 CVE-2016-0753 CVE-2018-3741 Upstream summary: OSS-Security list: There is a possible XSS vulnerability in rails-html-sanitizer. The gem allows non-whitelisted […]