Common Problems

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lasso — signature checking failure Related CVEs: CVE-2021-28091 Upstream summary: entrouvert reports: When AuthnResponse messages are not signed (which is permitted by the specifiation), all assertion's signatures should be checked, […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: poppler — multiple denial of service issues Related CVEs: CVE-2007-3387 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 CVE-2008-2950 CVE-2017-9775 CVE-2017-9865 Upstream summary: Poppler developers report: Poppler is prone to a stack-based buffer-overflow vulnerability. Successful […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: p5-HTML-Parser — denial of service Related CVEs: CVE-2009-3627 Upstream summary: CVE reports: The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PyYAML — arbitrary code execution Related CVEs: CVE-2020-14343 CVE-2020-1747 Upstream summary: A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: FreeBSD — Multiple vulnerabilities in OpenSSH Related CVEs: CVE-2021-28041 CVE-2021-41617 CVE-2023-38408 CVE-2025-26465 CVE-2025-26466 Upstream summary: Problem Description: OpenSSH client host verification error (CVE-2025-26465) ssh(1) contains a logic error that allows […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libutp — remote denial of service or arbitrary code execution Related CVEs: CVE-2012-6129 Upstream summary: NVD reports: Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission before 2.74 […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xapian-omega — cross-site scripting vulnerability Related CVEs: CVE-2009-2947 Upstream summary: Olly Betts reports: There's a cross-site scripting issue in Omega – exception messages don't currently get HTML entities escaped, but […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: QtNetworkAuth — predictable seeding of PRNG in QAbstractOAuth Related CVEs: CVE-2024-36048 Upstream summary: Andy Shaw reports: The OAuth1 implementation in QtNetworkAuth created nonces using a PRNG that was seeded with […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xloadimage — buffer overflows in NIFF image title handling Related CVEs: CVE-2001-0775 CVE-2005-0638 CVE-2005-3178 Upstream summary: Ariel Berkman reports: Unlike most of the supported image formats in xloadimage, the NIFF […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2015-8879 CVE-2016-5385 CVE-2016-5399 CVE-2016-6288 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292  +4 more Upstream summary: PHP reports: Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns) […]