Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: imlib2 — XPM processing buffer overflow vulnerability Related CVEs: CVE-2008-5187 Upstream summary: Secunia reports: A vulnerability has been discovered in imlib2, which can be exploited by malicious people to potentially […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tauthon — Regular Expression Denial of Service Related CVEs: CVE-2020-8492 Upstream summary: The :class:`~urllib.request.AbstractBasicAuthHandler` class of the :mod:`urllib.request` module uses an inefficient regular expression which can be exploited by an […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: p5-HTML-Parser — denial of service Related CVEs: CVE-2009-3627 Upstream summary: CVE reports: The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: fwbuilder — security issue in temporary file handling Related CVEs: CVE-2009-4664 Upstream summary: Firewall Builder release notes reports: Vadim Kurland ([email protected]) reports: Fwbuilder and libfwbuilder 3.0.4 through to 3.0.6 generate […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: chocolate-doom — Arbitrary code execution Related CVEs: CVE-2020-14983 Upstream summary: Michal Dardas from LogicalTrust reports: The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Apache APR — DoS vulnerabilities Related CVEs: CVE-2009-0023 CVE-2009-1955 CVE-2009-1956 CVE-2009-3560 CVE-2009-3720 CVE-2010-1623 CVE-2011-0419 CVE-2011-1928 Upstream summary: The Apache Portable Runtime Project reports: Reimplement apr_fnmatch() from scratch using a non-recursive […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ganglia — buffer overflow vulnerability Related CVEs: CVE-2009-0241 Upstream summary: Secunia reports: Spike Spiegel has discovered a vulnerability in Ganglia which can be exploited by malicious people to compromise a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: e2fsprogs — out-of-bounds read/write vulnerability Related CVEs: CVE-2022-1304 Upstream summary: Nils Bars reports: During the processing of [a specially fuzzed disk image], an out-of-bounds write is triggered and causes a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mod_http2 — Multiple vulnerabilities Related CVEs: CVE-2020-11984 CVE-2020-11993 CVE-2020-9490 CVE-2024-24795 CVE-2024-27316 CVE-2024-38709 CVE-2025-49630 CVE-2025-53020 Upstream summary: The mod_http2 project reports: a client can increase memory consumption for a HTTP/2 connection […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: spamass-milter — remote command execution vulnerability Related CVEs: CVE-2010-1132 Upstream summary: The spamassassin milter plugin contains a vulnerability that can allow remote attackers to execute commands on affected systems. The […]