Operations

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: devel/viewvc-devel is vulnerable to cross-site scripting Related CVEs: CVE-2023-22456 CVE-2023-22464 Upstream summary: C. Michael Pilato reports: security fix: escape revision view copy paths (#311) [CVE-2023-22464] security fix: escape revision view […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Arti — Security issues related to circuit construction Related CVEs: CVE-2024-35312 CVE-2024-35313 Upstream summary: Tor Project reports: When building anonymizing circuits to or from an onion service with 'lite' vanguards […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: curl — SOCKS5 heap buffer overflow Related CVEs: CVE-2023-38545 Upstream summary: The curl team reports: This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: yamt — buffer overflow and directory traversal issues Related CVEs: CVE-2004-1302 CVE-2005-1846 CVE-2005-1847 Upstream summary: Stanislav Brabec discovered errors in yamt's path name handling that lead to buffer overflows and […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: liboqs — Secret-dependent branching in HQC Related CVEs: CVE-2024-54137 CVE-2025-52473 Upstream summary: The OpenQuantumSafe project reports: Secret-dependent branching in HQC reference implementation when compiled with Clang 17-20 for optimizations above […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: logstash-forwarder and logstash — susceptibility to POODLE vulnerability Upstream summary: Elastic reports: The combination of Logstash Forwarder and Lumberjack input (and output) was vulnerable to the POODLE attack in SSLv3 […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-strawberry-graphql — Multiple vulnerabilities Related CVEs: CVE-2026-35523 CVE-2026-35526 Upstream summary: The Strawberry GraphQL project reports: Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: FreeBSD — Predictable query ids in named(8) Related CVEs: CVE-2007-0493 CVE-2007-0494 CVE-2007-2926 Upstream summary: Problem Description: When named(8) is operating as a recursive DNS server or sending NOTIFY requests to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pam_ldap — authentication bypass vulnerability Related CVEs: CVE-2005-2641 Upstream summary: Luke Howard reports: If a pam_ldap client authenticates against an LDAP server that returns a passwordPolicyResponse control, but omits the […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tt-rss — multiple vulnerabilities Related CVEs: CVE-2016-10033 CVE-2016-10045 CVE-2016-6175 CVE-2017-5223 CVE-2020-25787 CVE-2020-25788 CVE-2020-25789 Upstream summary: tt-rss project reports: The cached_url feature mishandles JavaScript inside an SVG document. imgproxy in plugins/af_proxy_http/init.php […]