Operations

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xpm — image decoding vulnerabilities Related CVEs: CVE-2004-0687 CVE-2004-0688 Upstream summary: Chris Evans discovered several vulnerabilities in the libXpm image decoder: A stack-based buffer overflow in xpmParseColors An integer overflow […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: freeciv — Denial of Service Vulnerabilities Related CVEs: CVE-2006-0047 CVE-2006-3913 Upstream summary: Secunia reports: Luigi Auriemma has reported a vulnerability in Freeciv, which can be exploited by malicious people to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Shibboleth Service Provider — SQL injection vulnerability in ODBC plugin Related CVEs: CVE-2015-2684 Upstream summary: Internet2 reports: The Shibboleth Service Provider includes a storage API usable for a number of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: keycloak — Multiple security fixes Related CVEs: CVE-2021-10039 CVE-2021-10270 CVE-2021-10451 CVE-2021-10492 CVE-2021-44549 CVE-2021-9666 CVE-2022-40151 CVE-2022-41966  +2 more Upstream summary: Keycloak reports: This update includes 2 security fixes: CVE-2024-11734: Unrestricted admin […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: junkbuster — heap corruption vulnerability and configuration modification vulnerability Related CVEs: CVE-2005-1108 CVE-2005-1109 Upstream summary: A Debian advisory reports: James Ranson discovered that an attacker can modify the referrer setting […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-tensorflow — denial of service vulnerability Related CVEs: CVE-2022-35935 CVE-2022-35941 CVE-2022-35991 Upstream summary: Kang Hong Jin, Neophytos Christou, 刘力源 and Pattarakrit Rattankul report: Another instance of CVE-2022-35935, where `SobolSample` is […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Upstream summary: The PHP Group reports: Fileinfo: Fixed bug #71527 (Buffer over-write in finfo_open with malformed magic file). mbstring: Fixed bug #71906 (AddressSanitizer: negative-size-param (-1) in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-bleach — regular expression denial-of-service Related CVEs: CVE-2020-6817 Upstream summary: Bleach developers reports: bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-dparse — REDoS vulnerability Related CVEs: CVE-2022-39280 Upstream summary: yeisonvargasf reports: dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contain a regular expression that is […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-djblets — Self-XSS vulnerability Upstream summary: Djblets Release Notes reports: A recently-discovered vulnerability in the datagrid templates allows an attacker to generate a URL to any datagrid page containing malicious […]