Operations

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: sudosh — buffer overflow Upstream summary: ISS reports: sudosh2 and sudosh3 are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the replay() function. By persuading a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: chrony <= 3.5.1 data corruption through symlink vulnerability writing the pidfile Related CVEs: CVE-2015-1821 CVE-2015-1822 CVE-2015-1853 CVE-2020-14367 Upstream summary: Miroslav Lichvar reports: chrony-3.5.1 […] fixes a security issue in writing […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: gstreamer1 — multiple vulnerabilities Related CVEs: CVE-2026-1940 CVE-2026-2920 CVE-2026-2921 CVE-2026-2922 CVE-2026-2923 CVE-2026-3081 CVE-2026-3082 CVE-2026-3083  +9 more Upstream summary: The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.3 release: […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: epiphany — untrusted search path vulnerability Related CVEs: CVE-2008-5983 CVE-2008-5985 Upstream summary: CVE Mitre reports: Untrusted search path vulnerability in the Python interface in Epiphany 2.22.3, and possibly other versions, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: electrum — JSONRPC vulnerability Related CVEs: CVE-2018-6353 Upstream summary: MITRE reports: JSONRPC vulnerability Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Roundcube — Multiple vulnerabilities Related CVEs: CVE-2008-5619 CVE-2009-0413 CVE-2011-2937 CVE-2012-3508 CVE-2013-1904 CVE-2015-5381 CVE-2015-5383 CVE-2016-5103  +8 more Upstream summary: The Roundcube project reports: Cross-Site-Scripting vulnerability via SVG’s animate tag Information Disclosure […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tdiary — injection vulnerability Related CVEs: CVE-2006-6174 Upstream summary: An undisclosed eRuby injection vulnerability had been discovered in tDiary. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: go — invalid headers are normalized, allowing request smuggling Related CVEs: CVE-2019-16276 Upstream summary: The Go project reports: net/http (through net/textproto) used to accept and normalize invalid HTTP/1.1 headers with […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xinetd — ignores user and group directives for TCPMUX services Related CVEs: CVE-2012-0862 CVE-2013-4342 Upstream summary: xinetd would execute configured TCPMUX services without dropping privilege to match the service configuration […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: KDE Frameworks — malicious .desktop files execute code Related CVEs: CVE-2019-14744 Upstream summary: The KDE Community has released a security announcement: The syntax Key[$e]=$(shell command) in *.desktop files, .directory files, […]