Operations

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: apache — Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long) Related CVEs: CVE-2005-2088 CVE-2005-3352 CVE-2006-3747 Upstream summary: Apache ChangeLog reports: Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PostgreSQL — PL/Perl environment variable changes execute arbitrary code Related CVEs: CVE-2024-10979 Upstream summary: PostgreSQL project reports: Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: quake2 — multiple critical vulnerabilities Upstream summary: An advisory published by Richard Stanway describes numerous critical vulnerabilities in the Quake II engine: Due to unchecked input at various stages in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: dovecot-pigeonhole — Sieve excessive resource usage Related CVEs: CVE-2019-11500 CVE-2020-28200 Upstream summary: Dovecot team reports reports: Sieve interpreter is not protected against abusive scripts that claim excessive resource usage. Fixed […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bogofilter — heap corruption by invalid base64 input Related CVEs: CVE-2004-1007 CVE-2005-4591 CVE-2005-4592 CVE-2010-2494 CVE-2012-5468 Upstream summary: David Relson reports: Fix a heap corruption in base64 decoder on invalid input. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libqb — Buffer overflow Related CVEs: CVE-2023-39976 Upstream summary: [email protected] reports: log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: element-web — several vulnerabilities Related CVEs: CVE-2021-40823 CVE-2021-40824 CVE-2022-36059 CVE-2022-36060 CVE-2022-39236 CVE-2022-39249 CVE-2022-39250 CVE-2022-39251  +8 more Upstream summary: Element team reports: Versions of Element Web and Desktop earlier than 1.11.85 […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-yaml — FullLoader (still) exploitable for arbitrary command execution Related CVEs: CVE-2017-18342 CVE-2020-1747 Upstream summary: Riccardo Schirone (https://github.com/ret2libc) reports: In FullLoader python/object/new constructor, implemented by construct_python_object_apply, has support for setting […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tiff — buffer overflow vulnerability Related CVEs: CVE-2004-0803 CVE-2004-0804 CVE-2004-0886 CVE-2004-1308 CVE-2005-1544 Upstream summary: A Gentoo Linux Security Advisory reports: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libzip — integer overflow Related CVEs: CVE-2015-2331 Upstream summary: libzip developers report: Avoid integer overflow. Fixed similarly to patch used in PHP copy of libzip. Table of contents Symptom & […]