Package Management

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rubygem-rails — multiple vulnerabilities Related CVEs: CVE-2015-1840 CVE-2015-3224 CVE-2015-3225 CVE-2015-3226 CVE-2015-3227 Upstream summary: Ruby on Rails blog: Rails 3.2.22, 4.1.11 and 4.2.2 have been released, along with web console and […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-rsa — Bleichenbacher'06 signature forgery vulnerability Related CVEs: CVE-2016-1494 Upstream summary: Filippo Valsorda reports: python-rsa is vulnerable to a straightforward variant of the Bleichenbacher'06 attack against RSA signature verification with […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: 7-Zip — Multi-byte write heap buffer overflow in NCompress::NRar5::CDecoder Related CVEs: CVE-2025-53816 Upstream summary: [email protected] reports: 7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PostgreSQL JDBC library — Improper Authentication Related CVEs: CVE-2025-49146 Upstream summary: PostgreSQL JDBC Driver project reports: Client Allows Fallback to Insecure Authentication Despite channelBinding=require configuration. Fix channel binding required handling […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pygments — shell injection vulnerability Related CVEs: CVE-2015-8557 Upstream summary: NVD reports: The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: postorius — XSS Related CVEs: CVE-2026-44742 Upstream summary: NIST reports: Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php-gd and gd — Buffer over-read into uninitialized memory Related CVEs: CVE-2017-7890 Upstream summary: PHP developers report: The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: wheel — CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Related CVEs: CVE-2026-24049 Upstream summary: https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx reports: wheel is a command line tool for manipulating Python […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Perl — heap buffer overflow when transliterating non-ASCII bytes Related CVEs: CVE-2015-8607 CVE-2016-1238 CVE-2016-6185 CVE-2024-56406 Upstream summary: 9b29abf9-4ab0-4765-b253-1875cd9b441e reports: A heap buffer overflow vulnerability was discovered in Perl. When there […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tomcat — XSS vulnerability in sample applications Related CVEs: CVE-2005-2090 CVE-2007-0450 CVE-2007-1355 CVE-2007-1358 Upstream summary: The Apache Project reports: The JSP and Servlet included in the sample application within the […]