Package Management

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Pillow — Multiple vulnerabilities Related CVEs: CVE-2019-16865 CVE-2019-19911 CVE-2020-5310 CVE-2020-5311 CVE-2020-5312 CVE-2020-5313 Upstream summary: Pillow developers report: This release addresses several security problems, as well as addressing CVE-2019-19911. CVE-2019-19911 is […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php-gd and gd — Buffer over-read into uninitialized memory Related CVEs: CVE-2017-7890 Upstream summary: PHP developers report: The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: postorius — XSS Related CVEs: CVE-2026-44742 Upstream summary: NIST reports: Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: evince and atril — command injection vulnerability in CBT handler Related CVEs: CVE-2017-1000083 Upstream summary: GNOME reports: The comic book backend in evince 3.24.0 (and earlier) is vulnerable to a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: glibc — getaddrinfo stack-based buffer overflow Related CVEs: CVE-2014-6271 CVE-2014-7169 CVE-2015-0235 CVE-2015-7547 Upstream summary: Fabio Olive Leite reports: A stack-based buffer overflow was found in libresolv when invoked from nss_dns, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-Flask-Cors — directory traversal vulnerability Related CVEs: CVE-2020-25032 Upstream summary: praetorian-colby-morgan reports: An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: dhcpcd — remote code execution/denial of service Related CVEs: CVE-2014-7912 CVE-2014-7913 CVE-2016-1503 CVE-2016-1504 Upstream summary: MITRE reports: The get_option function in dhcp.c in dhcpcd before 6.2.0, as used in dhcpcd […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: GnuPG and Libgcrypt — side-channel attack vulnerability Related CVEs: CVE-2013-4242 Upstream summary: Werner Koch of the GNU project reports: Noteworthy changes in version 1.5.3: Mitigate the Yarom/Falkner flush+reload side-channel attack […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: gld — format string and buffer overflow vulnerabilities Related CVEs: CVE-2005-1099 CVE-2005-1100 Upstream summary: Gld has been found vulnerable to multiple buffer overflows as well as multiple format string vulnerabilities. […]