FreeBSD

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ganglia-webfrontend — auth bypass Related CVEs: CVE-2015-6816 Upstream summary: Ivan Novikov reports: It's easy to bypass auth by using boolean serialization… Table of contents Symptom & Impact Environment & Reproduction […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: graphite2 — out-of-bounds write with malicious font Related CVEs: CVE-2016-1521 CVE-2016-1522 CVE-2016-1523 CVE-2016-1526 CVE-2016-1969 CVE-2016-1977 CVE-2016-2790 CVE-2016-2791  +12 more Upstream summary: Mozilla Foundation reports: An out-of-bounds write in the Graphite […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: doas — Prevent passing of environment variables Upstream summary: Jesse Smith (upstream author of the doas program) reported: Previous versions of "doas" transferred most environment variables, such as USER, HOME, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Vim/NeoVim — Security vulnerability Related CVEs: CVE-2016-1248 Upstream summary: Security releases for Vim/NeoVim: Sandbox escape allows for arbitrary code execution. Table of contents Symptom & Impact Environment & Reproduction Root […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mod_fcgid — possible heap buffer overwrite Related CVEs: CVE-2013-4365 Upstream summary: Apache Project reports: Fix possible heap buffer overwrite. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ffmpeg — multiple vulnerabilities Related CVEs: CVE-2015-6761 CVE-2015-6818 CVE-2015-6819 CVE-2015-6820 CVE-2015-6821 CVE-2015-6822 CVE-2015-6823 CVE-2015-6824  +11 more Upstream summary: NVD reports: The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: sysutils/openzfs-kmod — critical permissions issues Upstream summary: Andrew Walker reports: Issue 1: Users are always granted permissions to cd into a directory. The check for whether execute is present on […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lynx — SSL certificate validation error Upstream summary: Axel Beckert reports: […] I was able to capture the password given on the commandline in traffic of an TLS handshake using […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libXfont — permission bypass when opening files through symlinks Related CVEs: CVE-2007-5760 CVE-2007-5958 CVE-2007-6427 CVE-2007-6428 CVE-2007-6429 CVE-2008-0006 CVE-2011-2895 CVE-2013-6462  +9 more Upstream summary: the freedesktop.org project reports: A non-privileged X […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-twisted — cookie and authorization headers are leaked when following cross-origin redirects Upstream summary: Twisted developers report: Cookie and Authorization headers are leaked when following cross-origin redirects in twited.web.client.RedirectAgent and […]