Operations

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: gnomevfs — unsafe URI handling Related CVEs: CVE-2004-0494 Upstream summary: Alexander Larsson reports that some versions of gnome-vfs and MidnightCommander contain a number of `extfs' scripts that do not properly […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: fbsdmon — information disclosure vulnerability Upstream summary: Alan Somers reports: The web site used by this port, http://fbsdmon.org, has been taken over by cybersquatters. That means that users are sending […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Memory leak bug in Toxcore Upstream summary: The Tox project blog reports: A memory leak bug was discovered in Toxcore that can be triggered remotely to exhaust one’s system memory, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mini_httpd,thttpd — Buffer overflow in htpasswd Upstream summary: Alessio Santoru reports: Buffer overflow in htpasswd. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: www/py-requests — Information disclosure vulnerability Upstream summary: The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bftpd — Multiple vulnerabilities Upstream summary: Bftpd project reports: Bftpd is vulnerable to out of bounds memory access, file descriptor leak and a potential buffer overflow. Table of contents Symptom […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mosquitto — NULL pointer dereference Upstream summary: Roger Light reports: If an authenticated client connected with MQTT v5 sent a malformed CONNACK message to the broker a NULL pointer dereference […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: webtrees — vulnerability Upstream summary: Webtrees reports: GEDCOM imports containing errors and HTML displayed unescaped. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: acme.sh — closes potential remote vuln Upstream summary: Neil Pang reports: HiCA was injecting arbitrary code/commands into the certificate obtaining process and acme.sh is running them on the client machine. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: security/shibboleth-idp — CAS service SSRF Upstream summary: Shibboleth Developers report: The Identity Provider's CAS support relies on a function in the Spring Framework to parse CAS service URLs and append […]