Common Problems

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: urllib3 — multiple vulnerabilities Related CVEs: CVE-2018-20060 CVE-2019-11236 CVE-2019-11324 Upstream summary: NIST reports: (by search in the range 2018/01/01 – 2019/11/10): urllib3 before version 1.23 does not remove the Authorization […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: p11-kit — Multiple vulnerabilities Related CVEs: CVE-2020-29361 CVE-2020-29362 CVE-2020-29363 Upstream summary: The p11-glue project reports: CVE-2020-29363: Out-of-bounds write in p11_rpc_buffer_get_byte_array_value function A heap-based buffer overflow has been discovered in the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Okular — Local binary execution via action links Upstream summary: Albert Astals Cid: Okular can be tricked into executing local binaries via specially crafted PDF files. This binary execution can […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ksh93 — certain environment variables interpreted as arithmetic expressions on startup, leading to code injection Upstream summary: Upstream ksh93 maintainer Siteshwar Vashisht reports: A flaw was found in the way […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lynx — SSL certificate validation error Upstream summary: Axel Beckert reports: […] I was able to capture the password given on the commandline in traffic of an TLS handshake using […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py39-joblib — arbitrary code execution Related CVEs: CVE-2022-21797 Upstream summary: jimlinntu reports: The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py39-Elixir — weak use of cryptography Related CVEs: CVE-2012-2146 Upstream summary: Red Hat Security Response Team reports: Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rubygem-time — ReDoS vulnerability Related CVEs: CVE-2023-28756 Upstream summary: ooooooo_q reports: The Time parser mishandles invalid strings that have specific characters. It causes an increase in execution time for parsing […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ffmpeg — multiple vulnerabilities Related CVEs: CVE-2022-3109 CVE-2022-3341 CVE-2022-3964 Upstream summary: NVD reports: An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: node_exporter — bypass security with cache poisoning Related CVEs: CVE-2022-46146 Upstream summary: Prometheus team reports: Prometheus and its exporters can be secured by a web.yml file that specifies usernames and […]