Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: dcraw — integer overflow condition Related CVEs: CVE-2015-3885 Upstream summary: ocert reports: The dcraw tool, as well as several other projects re-using its code, suffers from an integer overflow condition […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tiff — buffer overflow vulnerability Related CVEs: CVE-2004-0803 CVE-2004-0804 CVE-2004-0886 CVE-2004-1308 CVE-2005-1544 Upstream summary: A Gentoo Linux Security Advisory reports: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: WebCalendar — Persistent XSS Related CVEs: CAN-2005-2320 CVE-2005-2717 CVE-2006-2762 CVE-2007-1343 CVE-2012-0846 Upstream summary: tom reports, There is no sanitation on the input of the location variable allowing for persistent XSS. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Apache httpd — denial of service in HTTP/2 Related CVEs: CVE-2016-8740 Upstream summary: mod_http2 reports: The Apache HTTPD web server (from 2.4.17-2.4.23) did not apply limitations on request headers correctly […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: TinyMCE — mXSS in multiple plugins Related CVEs: CVE-2023-48219 Upstream summary: TinyMCE reports: Special characters in unescaped text nodes can trigger mXSS when using TinyMCE undo/redo, getContentAPI, resetContentAPI, and Autosave […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Python — The webbrowser.open() API allows leading dashes Related CVEs: CVE-2025-15366 CVE-2025-15367 CVE-2026-0865 CVE-2026-1299 CVE-2026-4519 Upstream summary: https://github.com/python/cpython/pull/143931 reports: The webbrowser.open() API would accept leading dashes in the URL which […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: devel/ipython — multiple vulnerabilities Related CVEs: CVE-2015-4706 CVE-2015-4707 CVE-2015-5607 CVE-2015-6938 CVE-2015-7337 Upstream summary: Matthias Bussonnier reports: Summary: Local folder name was used in HTML templates without escaping, allowing XSS in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: enscript — arbitrary code execution vulnerability Related CVEs: CVE-2004-1184 CVE-2004-1185 CVE-2004-1186 CVE-2008-3863 CVE-2008-4306 Upstream summary: Ulf Harnhammar of Secunia Research reports: Stack-based buffer overflow in the read_special_escape function in src/psgen.c […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bsh — remote code execution vulnerability Related CVEs: CVE-2016-2510 Upstream summary: Stian Soiland-Reyes reports: This release fixes a remote code execution vulnerability that was identified in BeanShell by Alvaro Muñoz […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: goldendict — dangerous method exposed Related CVEs: CVE-2025-53964 Upstream summary: [email protected] reports: GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user […]