Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-flask-security — user redirect to arbitrary URL vulnerability Related CVEs: CVE-2021-23385 Upstream summary: Snyk reports: This affects all versions of package Flask-Security. When using the `get_post_logout_redirect` and `get_post_login_redirect` functions, it […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-graphite-web — Multiple vulnerabilities Related CVEs: CVE-2013-5093 Upstream summary: Graphite developers report: This release contains several security fixes for cross-site scripting (XSS) as well as a fix for a remote-execution […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-django-photologue — XSS vulnerability Related CVEs: CVE-2022-4526 Upstream summary: domiee13 reports: A vulnerability was found in django-photologue up to 3.15.1 and classified as problematic. Affected by this issue is some […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rubygem-ruby_parser — insecure tmp file usage Related CVEs: CVE-2013-0162 Upstream summary: Michael Scherer reports: This is a relatively minor tmp file usage issue. Table of contents Symptom & Impact Environment […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: qpress — directory traversal Related CVEs: CVE-2022-45866 Upstream summary: [email protected] reports: qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ghostscript — exploitable buffer overflow in (T)BCP in PS interpreter Related CVEs: CVE-2023-28879 Upstream summary: [email protected] reports: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Emacs — Arbitrary code execution vulnerability Related CVEs: CVE-2022-45939 CVE-2022-48337 CVE-2022-48338 CVE-2022-48339 CVE-2024-53920 CVE-2025-1244 Upstream summary: Problem Description A shell injection vulnerability exists in GNU Emacs due to improper handling […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: OpenLDAP — incorrect handling of NULL in certificate Common Name Related CVEs: CVE-2009-3767 Upstream summary: Jan Lieskovsky reports: OpenLDAP does not properly handle a '\0' character in a domain name […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-kerberos — DoS and MitM vulnerabilities Related CVEs: CVE-2015-3206 Upstream summary: macosforgebot reports: The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Tomcat — Request Smuggling Related CVEs: CVE-2020-11996 CVE-2020-13934 CVE-2020-13935 CVE-2020-9484 CVE-2022-34305 CVE-2022-42252 Upstream summary: Apache Tomcat reports: If Tomcat was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to […]