Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pngcrush — libpng Uninitialised Pointer Arrays Vulnerability Related CVEs: CVE-2009-0040 Upstream summary: Secunia reports: A vulnerability has been reported in Pngcrush, which can be exploited by malicious people to potentially […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: e2fsprogs — out-of-bounds read/write vulnerability Related CVEs: CVE-2022-1304 Upstream summary: Nils Bars reports: During the processing of [a specially fuzzed disk image], an out-of-bounds write is triggered and causes a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: squid — Vulnerable to Denial of Service attack Related CVEs: CVE-2016-10002 CVE-2016-10003 CVE-2016-4553 CVE-2016-4554 CVE-2016-4555 CVE-2016-4556 CVE-2018-1000024 CVE-2018-1000027 Upstream summary: Louis Dion-Marcil reports: Due to incorrect pointer handling Squid is […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: vte — Classic terminal title set+query attack Related CVEs: CVE-2010-2713 Upstream summary: Kees Cook reports: Janne Snabb discovered that applications using VTE, such as gnome-terminal, did not correctly filter window […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2007-0905 CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988 CVE-2007-1001 Upstream summary: The PHP development team reports: Security Enhancements and Fixes in PHP 5.2.2 and PHP […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libwebp heap buffer overflow Related CVEs: CVE-2023-4863 Upstream summary: [email protected] reports: Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ImageMagick and GraphicsMagick — DoS via specially crafted PNG file Related CVEs: CVE-2012-3438 Upstream summary: Kurt Seifried reports: There is an issue in ImageMagick that is also present in GraphicsMagick. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libgcrypt — ECDSA timing attack Related CVEs: CVE-2013-4242 CVE-2015-7511 CVE-2016-6313 CVE-2017-0379 CVE-2017-7526 CVE-2018-0495 CVE-2019-13627 Upstream summary: GnuPG reports: Mitigate an ECDSA timing attack. Table of contents Symptom & Impact Environment […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-treq — sensitive information leak vulnerability Related CVEs: CVE-2022-23607 Upstream summary: Treq's request methods (`treq.get`, `treq.post`, `HTTPClient.request`, `HTTPClient.get`, etc.) accept cookies as a dictionary. Such cookies are not bound to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pycrypto — PRNG reseed race condition Related CVEs: CVE-2013-1445 Upstream summary: Dwayne Litzenberger reports: In PyCrypto before v2.6.1, the Crypto.Random pseudo-random number generator (PRNG) exhibits a race condition that may […]