Operations

FreeBSD 12 — maven — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: FreeBSD 12  •  📖 ~4 min read  •  Source: FreeBSD VuXML
VuXML topic: Apache Maven — multiple vulnerabilities
Related CVEs: CVE-2020-13956, CVE-2021-26291
Upstream summary: The Apache Maven project reports: We received a report from Jonathan Leitschuh about a vulnerability of custom repositories in […]

FreeBSD 12 — open-vm-tools-nox — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: FreeBSD 12  •  📖 ~4 min read  •  Source: FreeBSD VuXML
VuXML topic: open-vm-tools — Multiple vulnerabilities
Related CVEs: CVE-2023-34058, CVE-2023-34059
Upstream summary: VMware reports: This update includes 2 security fixes: High CVE-2023-34058: SAML token signature bypass vulnerability High CVE-2023-34059: File descriptor hijack […]

FreeBSD 12 — py37-viewvc-devel — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: FreeBSD 12  •  📖 ~4 min read  •  Source: FreeBSD VuXML
VuXML topic: devel/viewvc-devel is vulnerable to cross-site scripting
Related CVEs: CVE-2023-22456, CVE-2023-22464
Upstream summary: C. Michael Pilato reports: security fix: escape revision view copy paths (#311) [CVE-2023-22464] security fix: escape revision view […]

FreeBSD 12 — sudo-sssd — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: FreeBSD 12  •  📖 ~4 min read  •  Source: FreeBSD VuXML
VuXML topic: sudo — privilege escalation vulnerability through host and chroot options
Related CVEs: CVE-2025-32462, CVE-2025-32463
Upstream summary: Todd C. Miller reports, crediting Rich Mirch from Stratascale Cyber Research Unit (CRU): Sudo […]

FreeBSD 12 — py310-dj52-strawberry-graphql — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: FreeBSD 12  •  📖 ~4 min read  •  Source: FreeBSD VuXML
VuXML topic: py-strawberry-graphql — Multiple vulnerabilities
Related CVEs: CVE-2026-35523, CVE-2026-35526
Upstream summary: The Strawberry GraphQL project reports: Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. […]

FreeBSD 12 — py310-ormar — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: FreeBSD 12  •  📖 ~4 min read  •  Source: FreeBSD VuXML
VuXML topic: py-ormar — vulnerabilities
Related CVEs: CVE-2026-26198, CVE-2026-27953
Upstream summary: https://github.com/ormar-orm/ormar/security/advisories reports: SQL Injection in aggregate functions min() and max() Pydantic Validation Bypass via __pk_only__ and __excluded__ Kwargs Injection in Model […]

FreeBSD 12 — bro — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: FreeBSD 12  •  📖 ~4 min read  •  Source: FreeBSD VuXML
VuXML topic: bro — invalid memory access or heap buffer over-read
Related CVEs: CVE-2017-12175
Upstream summary: Jon Siwek of Corelight reports: This is a security patch release to address a potential Denial […]

FreeBSD 12 — shibboleth-sp — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: FreeBSD 12  •  📖 ~4 min read  •  Source: FreeBSD VuXML
VuXML topic: Shibboleth Service Provider — SQL injection vulnerability in ODBC plugin
Related CVEs: CVE-2015-2684
Upstream summary: Internet2 reports: The Shibboleth Service Provider includes a storage API usable for a number of […]

FreeBSD 14 — py35-djblets — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 14

🟢 Low  •  ⏱ 5–15 min  •  Last verified: 25 May 2026  •  Affected versions: FreeBSD 14  •  📖 ~4 min read  •  Source: FreeBSD VuXML
VuXML topic: py-djblets — Self-XSS vulnerability
Upstream summary: Djblets Release Notes reports: A recently-discovered vulnerability in the datagrid templates allows an attacker to generate a URL to any datagrid page containing malicious […]
