Package Management

FreeBSD 15 — py38-pyrad — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 15 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: pyrad — multiple vulnerabilities
Related CVEs: CVE-2013-0294, CVE-2013-0342
Upstream summary: Nathaniel McCallum reports: packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which […]

FreeBSD 15 — python313t — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium • ⏱ 10–30 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 15 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: Python — The webbrowser.open() API allows leading dashes
Related CVEs: CVE-2025-15366, CVE-2025-15367, CVE-2026-0865, CVE-2026-1299, CVE-2026-4519
Upstream summary: https://github.com/python/cpython/pull/143931 reports: The webbrowser.open() API would accept leading dashes in the URL which […]

FreeBSD 13 — unarj — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 13 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: unarj — long filename buffer overflow
Related CVEs: CVE-2004-0947, CVE-2004-1027
Upstream summary: Ludwig Nussel has discovered a buffer overflow vulnerability in unarj's handling of long filenames which could potentially lead […]

FreeBSD 14 — libtorrent-rasterbar — vulnerability — patch and remediation guide

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 14 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: libtorrent-rasterbar — denial of service
Related CVEs: CVE-2016-5301
Upstream summary: Brandon Perry reports: The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) […]

FreeBSD 13 — corkscrew — security advisory — patch and remediation guide

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 13 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: corkscrew — buffer overflow vulnerability
Upstream summary: The affected corkscrew versions use sscanf calls without proper bounds checking. In the authentication file parsing routine this can cause an exploitable buffer […]

FreeBSD 12 — mariadb55-client — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 12 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: MariaDB — Vulnerability in C API
Related CVEs: CVE-2015-3152, CVE-2015-4792, CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, +12 more
Upstream summary: MariaDB reports: Difficult to exploit vulnerability allows unauthenticated attacker with […]

FreeBSD 15 — quiche — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium • ⏱ 10–30 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 15 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: quiche — Infinite loop triggered by connection ID retirement
Related CVEs: CVE-2024-1410, CVE-2024-1765, CVE-2025-4820, CVE-2025-4821, CVE-2025-7054
Upstream summary: Quiche Releases reports: This update includes 1 security fix: High CVE-2025-7054: Infinite […]

FreeBSD 13 — dk-openoffice — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 13 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: openoffice — DOC document heap overflow vulnerability
Related CVEs: CVE-2004-0752, CVE-2005-0941
Upstream summary: AD-LAB reports that a heap-based buffer overflow vulnerability exists in OpenOffice's handling of DOC documents. When reading […]

FreeBSD 12 — py36-yaml — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium • ⏱ 10–30 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 12 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: PyYAML — arbitrary code execution
Related CVEs: CVE-2017-18342, CVE-2020-14343, CVE-2020-1747
Upstream summary: A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary […]

FreeBSD 14 — py39-cryptography — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 14 • 📖 ~4 min read • Source: FreeBSD VuXML
VuXML topic: py-cryptography — includes a vulnerable copy of OpenSSL
Related CVEs: CVE-2023-0286, CVE-2023-23931
Upstream summary: pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography […]
