Operations

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mat2 — directory traversal/arbitrary file read during ZIP file processing Related CVEs: CVE-2022-35410 Upstream summary: mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows ../ directory traversal during the ZIP archive […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: XFCE — Allows executing malicious .desktop files pointing to remote code Related CVEs: CVE-2022-32278 Upstream summary: XFCE Project reports: Prevent executing possibly malicious .desktop files from online sources (ftp://, http:// […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-numpy — Missing return-value validation of the function PyArray_DescrNew Related CVEs: CVE-2021-41495 Upstream summary: Numpy reports: At most call-sites for PyArray_DescrNew, there are no validations of its return, but an […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: activemq — Unsafe deserialization Related CVEs: CVE-2015-5254 CVE-2016-0734 CVE-2016-0782 Upstream summary: Alvaro Muatoz, Matthias Kaiser and Christian Schneider reports: JMS Object messages depends on Java Serialization for marshaling/unmashaling of the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: hiredis — integer/buffer overflow Related CVEs: CVE-2021-32765 Upstream summary: hiredis maintainers report: Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted RESP mult-bulk protocol data. When parsing […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bchunk — access violation near NULL on destination operand and crash Related CVEs: CVE-2017-15953 CVE-2017-15954 CVE-2017-15955 Upstream summary: Mitre reports: bchunk 1.2.0 and 1.2.1 is vulnerable to an "Access violation […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PyYAML — arbitrary code execution Related CVEs: CVE-2017-18342 CVE-2020-14343 CVE-2020-1747 Upstream summary: A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: OpenSearch — Log4Shell Related CVEs: CVE-2021-44228 CVE-2021-45046 CVE-2021-45105 Upstream summary: OpenSearch reports: CVE-2021-45105 for Log4j was issued after the release of OpenSearch 1.2.2. This CVE advises upgrading to Log4j 2.17.0. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2007-0905 CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988 CVE-2007-1001 Upstream summary: The PHP development team reports: Security Enhancements and Fixes in PHP 5.2.2 and PHP […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2007-0905 CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988 CVE-2007-1001 Upstream summary: The PHP development team reports: Security Enhancements and Fixes in PHP 5.2.2 and PHP […]