Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Libgit2 — multiple vulnerabilities Related CVEs: CVE-2024-24577 Upstream summary: Git community reports: A bug in git_revparse_single is fixed that could have caused the function to enter an infinite loop given […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: TinyMCE — mXSS in multiple plugins Related CVEs: CVE-2023-48219 Upstream summary: TinyMCE reports: Special characters in unescaped text nodes can trigger mXSS when using TinyMCE undo/redo, getContentAPI, resetContentAPI, and Autosave […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: fluidsynth — Use after free when using DLS files Related CVEs: CVE-2025-68617 Upstream summary: The fluidsynth authors report: A race condition during unloading of a DLS file can trigger a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: www/varnish-libvmod-digest — base64 decoding vulnerability Related CVEs: CVE-2023-41104 Upstream summary: varnish developers report: Common usage of vmod-digest is for basic HTTP authentication, in which case it may be possible for […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: spotipy — CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Related CVEs: CVE-2025-66040 Upstream summary: https://github.com/spotipy-dev/spotipy/security/advisories/GHSA-r77h-rpp9-w2xm reports: Spotipy is a Python library for the Spotify Web API. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xterm — DECRQSS remote command execution vulnerability Related CVEs: CVE-2008-2383 Upstream summary: SecurityFocus reports: The xterm program is prone to a remote command-execution vulnerability because it fails to sufficiently validate […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: vim — multiple vulnerabilities in the netrw module Related CVEs: CVE-2008-3076 Upstream summary: Jan Minar reports: Applying the “D'' to a file with a crafted file name, or inside a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php-zip — multiple Denial of Service vulnerabilities Related CVEs: CVE-2010-3709 Upstream summary: The following DoS conditions in Zip extension were fixed in PHP 5.3.4 and PHP 5.2.15: Fixed crash in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: openoffice — DOC document heap overflow vulnerability Related CVEs: CVE-2004-0752 CVE-2005-0941 Upstream summary: AD-LAB reports that a heap-based buffer overflow vulnerability exists in OpenOffice's handling of DOC documents. When reading […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pecl-phar — format string vulnerability Related CVEs: CVE-2010-2094 Upstream summary: Entry for CVE-2010-2094 says: Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-dependent attackers […]