FreeBSD

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: www/py-requests — Information disclosure vulnerability Upstream summary: The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ffmpeg — multiple vulnerabilities Related CVEs: CVE-2015-6761 CVE-2015-6818 CVE-2015-6819 CVE-2015-6820 CVE-2015-6821 CVE-2015-6822 CVE-2015-6823 CVE-2015-6824  +11 more Upstream summary: NVD reports: The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rubygem-dragonfly — arbitrary code execution Related CVEs: CVE-2013-1756 Upstream summary: Mark Evans reports: Unfortnately there is a security vulnerability in Dragonfly when used with Rails which would potentially allow an […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mosquitto — NULL pointer dereference Upstream summary: Roger Light reports: If an authenticated client connected with MQTT v5 sent a malformed CONNACK message to the broker a NULL pointer dereference […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Slixmpp — Lack of SSL Certificate hostname validation in XMLStream Related CVEs: CVE-2022-45197 Upstream summary: NIST reports: Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: MySQL — Multiple vulnerabilities Related CVEs: CVE-2016-3492 CVE-2016-5616 CVE-2016-5617 CVE-2016-5624 CVE-2016-5625 CVE-2016-5626 CVE-2016-5629 CVE-2016-6662  +9 more Upstream summary: Oracle reports: This Critical Patch Update contains 34 new security patches for […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: webtrees — vulnerability Upstream summary: Webtrees reports: GEDCOM imports containing errors and HTML displayed unescaped. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: wordpress — XSS Upstream summary: The WordPress team reports: A cross-site scripting (XSS) vulnerability affecting the Avatar block type Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Pavuk HTTP Location header overflow Related CVEs: CVE-2004-0456 Upstream summary: When pavuk sends a request to a web server and the server sends back the HTTP status code 305 (Use […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: openssl — potential SSL 2.0 rollback Related CVEs: CVE-2005-2969 Upstream summary: Vulnerability: Such applications are affected if they use the option SSL_OP_MSIE_SSLV2_RSA_PADDING. This option is implied by use of SSL_OP_ALL, […]