Operations

FreeBSD 12 — p5-Authen-SASL — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 12 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: p5-Authen-SASL — Insecure source of randomness
Related CVEs: CVE-2025-40918
Upstream summary: p5-Authen-SASL project reports: Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. The cnonce (client nonce) is […]

FreeBSD 13 — Unreal — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 13 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: unreal — denial of service
Upstream summary: Unreal reports: Summary: If SASL support is enabled in UnrealIRCd (this is not the default) and is also enabled in your services package […]

FreeBSD 14 — py39-spotipy — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 14 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: Spotipy — Spotipy's cache file, containing spotify auth token, is created with overly broad permissions
Related CVEs: CVE-2023-23608 CVE-2025-27154
Upstream summary: [email protected] reports: Spotipy is a lightweight Python library for […]

FreeBSD 12 — xorg-dmx — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 12 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: xorg-server — Multiple input validation failures in X server XKB extension
Related CVEs: CVE-2017-12176 CVE-2017-12177 CVE-2017-12178 CVE-2017-12179 CVE-2017-12180 CVE-2017-12181 CVE-2017-12182 CVE-2017-12183 +12 more
Upstream summary: The X.org project reports: These […]

FreeBSD 12 — podman — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 12 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: podman — TLS connection used to pull VM images was not validated
Related CVEs: CVE-2025-6032
Upstream summary: RedHat, Inc. reports: A flaw was found in Podman. The podman machine init […]

FreeBSD 15 — rubygem-web-console — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟡 Medium • ⏱ 10–30 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 15 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: rubygem-rails — multiple vulnerabilities
Related CVEs: CVE-2015-1840 CVE-2015-3224 CVE-2015-3225 CVE-2015-3226 CVE-2015-3227
Upstream summary: Ruby on Rails blog: Rails 3.2.22, 4.1.11 and 4.2.2 have been released, along with web console and […]

FreeBSD 13 — p5-Dancer — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 13 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: p5-Dancer — possible to abuse session cookie values
Upstream summary: Russell Jenkins reports: It was possible to abuse session cookie values so that file-based session stores such as Dancer::Session::YAML or […]

FreeBSD 14 — p5-PathTools — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 14 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: p5-PathTools — File::Spec::canonpath loses taint
Related CVEs: CVE-2015-8607
Upstream summary: Ricardo Signes reports: Beginning in PathTools 3.47 and/or perl 5.20.0, the File::Spec::canonpath() routine returned untainted strings even if passed tainted […]

FreeBSD 12 — strongswan — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 12 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: strongSwan — Heap-based buffer overflow in eap-mschapv2 plugin due to improper handling of failure request packets
Related CVEs: CVE-2013-2944 CVE-2013-5018 CVE-2013-6075 CVE-2013-6076 CVE-2014-2338 CVE-2015-3991 CVE-2015-4171 CVE-2015-8023 +12 more
Upstream summary: […]

FreeBSD 12 — php5-exif — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟡 Medium • ⏱ 10–30 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 12 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: php — multiple vulnerabilities
Related CVEs: CVE-2011-0708 CVE-2011-4566 CVE-2011-4885
Upstream summary: php development team reports: Security Enhancements and Fixes in PHP 5.3.9: Added max_input_vars directive to prevent attacks based on […]
