Operations

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php-imap — imap_open allows to run arbitrary shell commands via mailbox parameter Upstream summary: The PHP team reports: imap_open allows to run arbitrary shell commands via mailbox parameter. Table of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: e2fsprogs — potential buffer overrun bugs in the blkid library and in the fsck program Upstream summary: Theodore Y. Ts'o reports: Fixed some potential buffer overrun bugs in the blkid […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: doas — Prevent passing of environment variables Upstream summary: Jesse Smith (upstream author of the doas program) reported: Previous versions of "doas" transferred most environment variables, such as USER, HOME, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tmux — stack overflow in CSI parsing Upstream summary: Nicholas Marriott reports: tmux has a stack overflow in CSI parsing. Table of contents Symptom & Impact Environment & Reproduction Root […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ksh93 — certain environment variables interpreted as arithmetic expressions on startup, leading to code injection Upstream summary: Upstream ksh93 maintainer Siteshwar Vashisht reports: A flaw was found in the way […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: CairoSVG — Regular Expression Denial of Service vulnerability Upstream summary: CairoSVG security advisories: When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regular […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: eb — Potential buffer overrun vulnerability Upstream summary: Kazuhiro Ito reports: Potential buffer overrun vulnerability is found in eb/multiplex.c. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: wordpress — XSS Upstream summary: The WordPress team reports: A cross-site scripting (XSS) vulnerability affecting the Avatar block type Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Vieb — Remote Code Execution via Visiting Untrusted URLs Upstream summary: Zhengyu Liu, Jianjia Yu, Jelmer van Arnhem report: We discovered a remote code execution (RCE) vulnerability in the latest […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: apache — heap overflow in mod_proxy Related CVEs: CVE-2004-0492 Upstream summary: A buffer overflow exists in mod_proxy which may allow an attacker to launch local DoS attacks and possibly execute […]