Common Problems

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: kanboard — Password Reset Poisoning via Host Header Injection Related CVEs: CVE-2017-12850 CVE-2017-12851 CVE-2024-36399 CVE-2024-55603 CVE-2025-52560 Upstream summary: GitHub Security Advisories reports: Kanboard allows password reset emails to be sent […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: dino — Insufficient message sender validation in Dino Related CVEs: CVE-2021-33896 CVE-2023-28686 Upstream summary: Dino team reports: Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pivot-weblog — file deletion vulnerability Upstream summary: Secunia reports: A vulnerability has been discovered in Pivot, which can be exploited by malicious people to delete certain files. Input passed to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ffmpeg — multiple vulnerabilities Related CVEs: CVE-2015-3395 CVE-2015-3417 CVE-2015-6761 CVE-2015-6818 CVE-2015-6819 CVE-2015-6820 CVE-2015-6821 CVE-2015-6822  +12 more Upstream summary: NVD reports: An issue was discovered in the FFmpeg package, where vp3_decode_frame […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-wagtail — stored XSS vulnerability Related CVEs: CVE-2023-28836 CVE-2023-28837 Upstream summary: A stored cross-site scripting (XSS) vulnerability exists on ModelAdmin views within the Wagtail admin interface. A user with a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: monotone — remote denial of service in default setup Upstream summary: The monotone developers report: Running "mtn ''" or "mtn ls ''" doesn't cause an internal error anymore. In monotone […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PostgreSQL — Multiple vulnerabilities Related CVEs: CVE-2024-10976 CVE-2024-10978 CVE-2024-7348 CVE-2025-4207 CVE-2025-8713 CVE-2025-8714 CVE-2025-8715 CVE-2026-2003  +12 more Upstream summary: The PostgreSQL project reports: Missing authorization in PostgreSQL CREATE TYPE allows an […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: devel/ipython — multiple vulnerabilities Related CVEs: CVE-2015-4706 CVE-2015-4707 CVE-2015-5607 CVE-2015-6938 CVE-2015-7337 Upstream summary: Matthias Bussonnier reports: Summary: Local folder name was used in HTML templates without escaping, allowing XSS in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pysaml2 — multiple vulnerabilities Related CVEs: CVE-2021-21238 CVE-2021-21239 Upstream summary: pysaml2 Releases: Fix processing of invalid SAML XML documents – CVE-2021-21238 Fix unspecified xmlsec1 key-type preference – CVE-2021-21239 Table of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-cryptography — includes a vulnerable copy of OpenSSL Related CVEs: CVE-2018-10903 CVE-2023-0286 CVE-2023-23931 Upstream summary: pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in […]