Operations

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libmysoft — Heap-based buffer overflow vulnerability Related CVEs: CVE-2021-3756 Upstream summary: Zhengjie Du reports: There are some heap-buffer-overflows in mysofa2json of libmysofa. They are in function loudness, mysofa_check and readOHDRHeaderMessageDataLayout. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: caml-light — insecure use of temporary files Related CVEs: CVE-2011-4119 Upstream summary: caml-light uses mktemp() insecurely, and also does unsafe things in /tmp during make install. Table of contents Symptom […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tiff — multiple vulnerabilities Related CVEs: CVE-2015-8870 CVE-2016-5652 CVE-2016-9533 CVE-2016-9534 CVE-2016-9535 CVE-2016-9536 CVE-2016-9537 CVE-2016-9540 Upstream summary: libtiff project reports: Multiple flaws have been discovered in libtiff library and utilities. Table […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-WsgiDAV — XSS vulnerability Related CVEs: CVE-2022-41905 Upstream summary: Implementations using this library with directory browsing enabled may be susceptible to Cross Site Scripting (XSS) attacks. Table of contents Symptom […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: foswiki — Script Insertion Vulnerability via unchecked user registration fields Related CVEs: CVE-2012-1004 Upstream summary: Foswiki team reports: When a new user registers, the new user can add arbitrary HTML […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: poppler — multiple denial of service issues Related CVEs: CVE-2007-3387 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 CVE-2008-2950 CVE-2017-9775 CVE-2017-9865 Upstream summary: Poppler developers report: Poppler is prone to a stack-based buffer-overflow vulnerability. Successful […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-flask-security — user redirect to arbitrary URL vulnerability Related CVEs: CVE-2021-23385 Upstream summary: Snyk reports: This affects all versions of package Flask-Security. When using the `get_post_logout_redirect` and `get_post_login_redirect` functions, it […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-graphite-web — Multiple vulnerabilities Related CVEs: CVE-2013-5093 Upstream summary: Graphite developers report: This release contains several security fixes for cross-site scripting (XSS) as well as a fix for a remote-execution […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: win32-codecs — multiple vulnerabilities Related CVEs: CVE-2006-4381 CVE-2006-4382 CVE-2006-4384 CVE-2006-4385 CVE-2006-4386 CVE-2006-4388 CVE-2006-4389 Upstream summary: The Apple Security Team reports that there are multiple vulnerabilities within QuickTime (one of the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rubygem-dragonfly — arbitrary code execution Related CVEs: CVE-2013-1756 Upstream summary: Mark Evans reports: Unfortnately there is a security vulnerability in Dragonfly when used with Rails which would potentially allow an […]