Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: LZO — potential buffer overrun when processing malicious input data Related CVEs: CVE-2014-4608 Upstream summary: Markus Franz Xaver Johannes Oberhumer reports, in the package's NEWS file: Fixed a potential integer […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-kerberos — DoS and MitM vulnerabilities Related CVEs: CVE-2015-3206 Upstream summary: macosforgebot reports: The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bzip2 — multiple issues Related CVEs: CVE-2005-0953 CVE-2005-1260 CVE-2008-1372 CVE-2010-0405 CVE-2016-3189 CVE-2019-12900 Upstream summary: bzip2 developers reports: CVE-2016-3189 – Fix use-after-free in bzip2recover (Jakub Martisko) CVE-2019-12900 – Detect out-of-range nSelectors […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: icecast — Cross-Site Scripting Vulnerability Related CVEs: CVE-2001-0784 CVE-2001-1083 CVE-2001-1229 CVE-2001-1230 CVE-2002-0177 CVE-2004-0781 Upstream summary: Caused by improper filtering of HTML code in the status display, it is possible for […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-suds — vulnerable to symlink attacks Related CVEs: CVE-2013-2217 Upstream summary: SUSE reports: cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libXfont — BDF parsing issues Related CVEs: CVE-2014-0209 CVE-2014-0210 CVE-2014-0211 CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 Upstream summary: Alan Coopersmith reports: Ilja van Sprundel, a security researcher with IOActive, has discovered an issue […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py39-pycares — domain hijacking vulnerability Related CVEs: CVE-2021-3672 Upstream summary: Philipp Jeitner and Haya Shulman report: A flaw was found in c-ares library, where a missing input validation check of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py39-Elixir — weak use of cryptography Related CVEs: CVE-2012-2146 Upstream summary: Red Hat Security Response Team reports: Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mysql — SSL Downgrade Related CVEs: CVE-2015-3152 Upstream summary: Duo Security reports: Researchers have identified a serious vulnerability in some versions of Oracle’s MySQL database product that allows an attacker […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mysql — SSL Downgrade Related CVEs: CVE-2015-3152 Upstream summary: Duo Security reports: Researchers have identified a serious vulnerability in some versions of Oracle’s MySQL database product that allows an attacker […]