Package Management

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Openfire administration console authentication bypass Related CVEs: CVE-2008-1728 CVE-2008-6508 CVE-2008-6509 CVE-2008-6510 CVE-2008-6511 CVE-2009-0496 CVE-2009-0497 CVE-2009-1595  +2 more Upstream summary: [email protected] reports: Openfire's administrative console, a web-based application, was found to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: evolution-data-server — remote execution of arbitrary code vulnerability Related CVEs: CVE-2007-3257 Upstream summary: Debian project reports: It was discovered that the IMAP code in the Evolution Data Server performs insufficient […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rar — password prompt buffer overflow vulnerability Related CVEs: CVE-2007-0855 Upstream summary: iDefense reports: Remote exploitation of a stack based buffer overflow vulnerability in RARLabs Unrar may allow an attacker […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: botan2 — Side channel during ECC key generation Related CVEs: CVE-2014-9742 CVE-2015-5726 CVE-2015-5727 CVE-2015-7827 CVE-2016-2194 CVE-2016-2195 CVE-2016-2849 CVE-2018-12435  +1 more Upstream summary: botan2 developers reports: A timing side channel during […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ircII — denial of service Related CVEs: CVE-2021-29376 Upstream summary: Michael Ortmann reports: ircii has a bug in parsing CTCP UTC messages. Its unknown if this could also be used […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: openoffice.org — Multiple vulnerabilities Related CVEs: CVE-2006-4339 CVE-2008-2237 CVE-2008-2238 CVE-2009-0217 CVE-2009-2493 CVE-2009-2949 CVE-2009-2950 CVE-2009-3301  +1 more Upstream summary: OpenOffice.org Security Team reports: Fixed in OpenOffice.org 3.3 CVE-2010-2935 / CVE-2010-2936 : […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libssh2 — multiple issues Related CVEs: CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862  +1 more Upstream summary: libssh2 developers report: Defend against possible integer overflows in comp_method_zlib_decomp. Defend against […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mdbook — XSS in mdBook's search page Related CVEs: CVE-2020-26297 Upstream summary: Rust Security Response Working Group reports: The search feature of mdBook (introduced in version 0.1.4) was affected by […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: OpenVPN — avoid buffer overread parsing routes or endpoints Related CVEs: CVE-2008-3459 CVE-2020-11810 CVE-2023-46849 CVE-2023-46850 CVE-2025-10680 CVE-2025-12106 CVE-2025-13086 CVE-2025-2704 Upstream summary: Mikhail Khachaiants reports: socket: reject mismatched address family in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pango — integer overflow Related CVEs: CVE-2009-1194 Upstream summary: oCERT reports: Pango suffers from a multiplicative integer overflow which may lead to a potentially exploitable, heap overflow depending on the […]