Operations

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: serendipity — XSS Related CVEs: CVE-2008-1385 CVE-2008-1386 CVE-2019-11870 Upstream summary: MITRE: Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/media_choose.tpl Editor Preview feature or the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PostgreSQL vulnerabilities Related CVEs: CVE-2016-5423 CVE-2016-5424 Upstream summary: The PostgreSQL project reports: Security Fixes nested CASE expressions + database and role names with embedded special characters CVE-2017-7484: selectivity estimators bypass […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mod_pubcookie — cross site scripting vulnerability Upstream summary: Nathan Dors of the Pubcookie Project reports: Non-persistent XSS vulnerabilities were found in the Pubcookie Apache module (mod_pubcookie) and ISAPI filter. These […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ez-ipupdate — format string vulnerability Related CVEs: CVE-2004-0980 Upstream summary: Data supplied by a remote server is used as the format string instead of as parameters in a syslog() call. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libotr — integer overflow Related CVEs: CVE-2012-3461 CVE-2016-2851 Upstream summary: X41 D-Sec reports: A remote attacker may crash or execute arbitrary code in libotr by sending large OTR messages. Table […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: oniguruma — multiple vulnerabilities Related CVEs: CVE-2015-8874 CVE-2016-5766 CVE-2016-5767 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772  +5 more Upstream summary: the PHP project reports: A stack out-of-bounds read occurs in match_at() during […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rubygems — deserialization vulnerability Related CVEs: CVE-2015-3900 CVE-2017-0903 Upstream summary: oss-security mailing list: There is a possible unsafe object desrialization vulnerability in RubyGems. It is possible for YAML deserialization of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lynx — SSL certificate validation error Related CVEs: CVE-2005-3120 CVE-2014-3566 CVE-2016-9179 Upstream summary: Axel Beckert reports: […] I was able to capture the password given on the commandline in traffic […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: fuser — missing user's privileges check Upstream summary: Denis Barov reports: sysutils/fuser allows user to send any signal to any process when installed with suid bit. Table of contents Symptom […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Ansible — Ansible user credentials disclosure in ansible-connection module Related CVEs: CVE-2021-3583 CVE-2021-3620 Upstream summary: Red Hat reports: A flaw was found in Ansible Engine's ansible-connection module, where sensitive information […]