Operations

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Helm — client unpacking chart that contains malicious content Upstream summary: Helm security notice A specially crafted chart may be able to unpack content into locations on the filesystem outside […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: nomad — multiple vulnerabilities Related CVEs: CVE-2020-27195 Upstream summary: The HashiCorp team reports: artifact: Fixed a bug where interpolation can be used in the artifact destination field to write artifact […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: NPM — Multiple vulnerabilities Related CVEs: CVE-2019-16775 CVE-2019-16776 CVE-2019-16777 Upstream summary: NPM reports: Global node_modules Binary Overwrite Symlink reference outside of node_modules Arbitrary File Write Table of contents Symptom & […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Apache Ant leaks sensitive information via the java.io.tmpdir Related CVEs: CVE-2020-1945 Upstream summary: Apache reports: Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: CCE contains exploitable buffer overflows Upstream summary: The Chinese Console Environment contains exploitable buffer overflows. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: TiMidity++ — Multiple vulnerabilities Related CVEs: CVE-2017-11546 CVE-2017-11547 CVE-2017-11549 Upstream summary: qflb.wu of DBAPPSecurity reports: Ihe insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 can cause a denial of service(divide-by-zero error […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Unbound/NSD — Denial of service vulnerability Related CVEs: CVE-2009-1755 CVE-2012-2978 CVE-2012-2979 CVE-2016-6170 CVE-2016-6171 CVE-2016-6172 CVE-2016-6173 CVE-2019-13207  +1 more Upstream summary: NLNetLabs reports: Unbound and NSD when writing the PID file […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php5 — multiple vulnerabilities Related CVEs: CVE-2015-4643 CVE-2015-4644 Upstream summary: The PHP project reports: DOM and GD: Fixed bug #69719 (Incorrect handling of paths with NULs). FTP: Improved fix for […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: SOGo — SAML user authentication impersonation Related CVEs: CVE-2021-33054 Upstream summary: sogo.nu reports: SOGo was not validating the signatures of any SAML assertions it received. This means any actor with […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lynx — SSL certificate validation error Upstream summary: Axel Beckert reports: […] I was able to capture the password given on the commandline in traffic of an TLS handshake using […]