Fix Prevention

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: spamassassin — Malicious rule configuration (.cf) files can be configured to run system commands Related CVEs: CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 CVE-2018-11805 CVE-2019-12420 CVE-2020-1930 CVE-2020-1931  +1 more Upstream summary: The Apache […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mksh — TTY attachment privilege escalation Related CVEs: CVE-2008-1845 Upstream summary: Secunia reports: The vulnerability is caused due to an error when attaching to a TTY via the -T command […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: aiohttp — open redirect vulnerability Related CVEs: CVE-2021-21330 Upstream summary: Sviatoslav Sydorenko reports: Open redirect vulnerability — a maliciously crafted link to an aiohttp-based web-server could redirect the browser to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tor — security regression Related CVEs: CVE-2009-0414 CVE-2009-0936 CVE-2009-0937 CVE-2009-0938 CVE-2010-1676 CVE-2011-0427 CVE-2014-5117 CVE-2017-0377 Upstream summary: The Tor Project reports: Tor 0.3.0.9 fixes a path selection bug that would allow […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: isc-dhcp-client — Stack overflow vulnerability Related CVEs: CVE-2009-0692 Upstream summary: US-CERT reports: The ISC DHCP dhclient application contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ipython — Execution with Unnecessary Privileges Related CVEs: CVE-2022-21699 Upstream summary: IPython project reports: IPython 8.0.1, 7.31.1 and 5.11 are security releases that change some default values in order to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mitmproxy — Insufficient Protection against HTTP Request Smuggling Related CVEs: CVE-2022-24766 Upstream summary: Zeyu Zhang reports: In mitmproxy 7.0.4 and below, a malicious client or server is able to perform […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: p5-File-Path — rmtree allows creation of setuid files Related CVEs: CVE-2005-0448 Upstream summary: Jan Lieskovsky reports: perl-File-Path rmtree race condition (CVE-2005-0448 was assigned to address this) This vulnerability was fixed […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: The Update Framwork — path traversal vulnerability Related CVEs: CVE-2021-41131 Upstream summary: NVD reports: python-tuf is a Python reference implementation of The Update Framework (TUF). In both clients (`tuf/client` and […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Qt5 — QProcess unexpected search path Related CVEs: CVE-2022-25255 Upstream summary: The Qt Company reports: Recently, the Qt Project's security team was made aware of an issue regarding QProcess and […]