Package Management

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Payara — path trasversal flaw via either loc/con parameters in Eclipse Mojarra Related CVEs: CVE-2016-1000031 CVE-2016-5528 CVE-2017-12615 CVE-2017-3239 CVE-2017-3247 CVE-2017-3249 CVE-2017-3250 CVE-2018-14371  +7 more Upstream summary: Payara Releases reports: The […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: prometheus2 — basic authentication bypass Related CVEs: CVE-2021-29622 CVE-2022-46146 Upstream summary: Prometheus team reports: Prometheus and its exporters can be secured by a web.yml file that specifies usernames and hashed […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: step-certificates — Authorization Bypass in ACME and SCEP Provisioners Related CVEs: CVE-2025-44005 Upstream summary: smallstep reports: An attacker can bypass authorization checks and force a Step CA ACME or SCEP […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pyrad — multiple vulnerabilities Related CVEs: CVE-2013-0294 CVE-2013-0342 Upstream summary: Nathaniel McCallum reports: packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: konversation — crash in IRC message parsing Related CVEs: CVE-2005-0129 CVE-2005-0130 CVE-2005-0131 CVE-2014-8483 CVE-2017-15923 Upstream summary: KDE reports: Konversation has support for colors in IRC messages. Any malicious user connected […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: jdk — jar directory traversal vulnerability Related CVEs: CVE-2004-1029 CVE-2005-1080 Upstream summary: Pluf has discovered a vulnerability in Sun Java JDK/SDK, which potentially can be exploited by malicious people to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-pygments — multiple DoS vulnerabilities Related CVEs: CVE-2021-20270 CVE-2021-27291 Upstream summary: Red Hat reports: An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: isolate — local root exploit Upstream summary: Isolate currently suffers from some bad security bugs! These are local root privilege escalation bugs. Thanks to the helpful person who reported them […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-markdown2 — regular expression denial of service vulnerability Related CVEs: CVE-2020-11888 CVE-2021-26813 Upstream summary: Ben Caller reports: markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2016-3074 Upstream summary: The PHP Group reports: BCMath: Fixed bug #72093 (bcpowmod accepts negative scale and corrupts _one_ definition). Exif: Fixed bug #72094 (Out […]