Operations

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libsamplerate — multiple vulnerabilities Related CVEs: CVE-2017-7697 Upstream summary: NVD reports: In libsamplerate before 0.1.9, a buffer over-read occurs in the calc_output_single function in src_sinc.c via a crafted audio file. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: graphite2 — out-of-bounds write with malicious font Related CVEs: CVE-2017-5436 Upstream summary: Mozilla Foundation reports: An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: h2o — HTTP/2 Rapid Reset attack vulnerability Related CVEs: CVE-2015-5638 CVE-2016-1133 CVE-2016-4864 CVE-2017-10868 CVE-2017-10869 CVE-2018-0608 CVE-2019-9512 CVE-2019-9514  +3 more Upstream summary: Kazuo Okuhu reports: H2O is vulnerable to the HTTP/2 […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Upstream summary: The PHP Group reports: Fileinfo: Fixed bug #71527 (Buffer over-write in finfo_open with malformed magic file). mbstring: Fixed bug #71906 (AddressSanitizer: negative-size-param (-1) in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libpng stack-based buffer overflow and other code concerns Related CVEs: CVE-2004-0597 CVE-2004-0598 CVE-2004-0599 Upstream summary: Chris Evans has discovered multiple vulnerabilities in libpng, which can be exploited by malicious people […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: krb5 — Double-free in KDC TGS processing Related CVEs: CVE-2017-11368 CVE-2017-11462 CVE-2022-42898 CVE-2023-39975 Upstream summary: The MIT krb5 Team reports: When issuing a ticket for a TGS renew or validate […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rainloop — cross-site-scripting (XSS) vulnerability Related CVEs: CVE-2022-29360 Upstream summary: Simon Scannell reports: The code vulnerability can be easily exploited by an attacker by sending a malicious email to a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: messagelib — HTML email can open browser window automatically Related CVEs: CVE-2018-19516 Upstream summary: Albert Astals Cid reports: messagelib is the library used by KMail to display emails. messagelib by […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: slim — insecure PATH assignment Related CVEs: CVE-2009-1756 CVE-2010-2945 Upstream summary: SLiM assigns logged on users a PATH in which the current working directory ("./") is included. This PATH can […]