Operations

FreeBSD 14 — snappymail-php — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: SnappyMail — multiple mXSS in HTML sanitizer Related CVEs: CVE-2024-45800 Upstream summary: Oskar reports: SnappyMail uses the `cleanHtml()` function to cleanup HTML and CSS in emails. Research discovered that the […]

FreeBSD 13 — webmin — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: webmin — CGI Command Injection Remote Code Execution Related CVEs: CVE-2004-0559 CVE-2005-3912 CVE-2005-3962 CVE-2007-3156 CVE-2019-15107 CVE-2024-12828 Upstream summary: Webmin reports: A less-privileged Webmin user can execute commands as root via […]

FreeBSD 13 — vim-console — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Vim/NeoVim — Security vulnerability Related CVEs: CVE-2004-1138 CVE-2005-2368 CVE-2007-2953 CVE-2008-2712 CVE-2008-3076 CVE-2016-1248 Upstream summary: Security releases for Vim/NeoVim: Sandbox escape allows for arbitrary code execution. […]

FreeBSD 15 — py38-tensorflow — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-tensorflow — denial of service vulnerability Related CVEs: CVE-2022-35935 CVE-2022-35941 CVE-2022-35991 Upstream summary: Kang Hong Jin, Neophytos Christou, 刘力源 and Pattarakrit Rattankul report: Another instance of CVE-2022-35935, where `SobolSample` is […]

FreeBSD 12 — php55-fileinfo — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Upstream summary: The PHP Group reports: Fileinfo: Fixed bug #71527 (Buffer over-write in finfo_open with malformed magic file). mbstring: Fixed bug #71906 (AddressSanitizer: negative-size-param (-1) in […]

FreeBSD 12 — mod_jk-ap — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mod_jk — information disclosure Related CVEs: CVE-2007-0774 CVE-2007-1860 Upstream summary: Kazu Nambo reports: URL decoding in the Apache webserver prior to decoding in the Tomcat server could bypass access control […]

FreeBSD 14 — py37-notebook — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: jupyter notebook — open redirect vulnerability Related CVEs: CVE-2019-10255 Upstream summary: Jupyter reports: 6.1.5 is a security release, fixing one vulnerability: Fix open redirect vulnerability GHSA-c7vm-f5p4-8fqh (CVE to be assigned) […]

FreeBSD 13 — twiki — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: twiki — remote Perl code execution Related CVEs: CVE-2004-1037 CVE-2006-3336 CVE-2008-3195 CVE-2008-5304 CVE-2008-5305 CVE-2014-7236 Upstream summary: TWiki developers report: The debugenableplugins request parameter allows arbitrary Perl code execution. Using an […]

FreeBSD 15 — py38-yaml — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PyYAML — arbitrary code execution Related CVEs: CVE-2020-14343 CVE-2020-1747 Upstream summary: A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code […]

FreeBSD 12 — php70-soap — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php7 — multiple vulnerabilities Upstream summary: The PHP Group reports: Core: Fixed bug #71637 (Multiple Heap Overflow due to integer overflows in xml/filter_url/addcslashes). SOAP: Fixed bug #71610 (Type Confusion Vulnerability […]
