Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-numpy — Missing return-value validation of the function PyArray_DescrNew Related CVEs: CVE-2021-41495 Upstream summary: Numpy reports: At most call-sites for PyArray_DescrNew, there are no validations of its return, but an […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: openvswitch — MPLS buffer overflow Related CVEs: CVE-2016-2074 Upstream summary: Open vSwitch reports: Multiple versions of Open vSwitch are vulnerable to remote buffer overflow attacks, in which crafted MPLS packets […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-markdown2 — regular expression denial of service vulnerability Related CVEs: CVE-2020-11888 CVE-2021-26813 Upstream summary: Ben Caller reports: markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-pdfminer.six — Arbitrary Code Execution in pdfminer.six via Crafted PDF Input Related CVEs: CVE-2025-64512 Upstream summary: Pieter Marsman reports: pdfminer.six will execute arbitrary code from a malicious pickle file if […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tnef — An attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message Related CVEs: CVE-2017-6307 CVE-2017-6308 CVE-2017-6309 CVE-2017-6310 CVE-2019-18849 Upstream summary: [email protected] reports: In […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: cyrus-sasl — Escape password for SQL insert/update commands Related CVEs: CVE-2022-24407 Upstream summary: Cyrus SASL 2.1.x Release Notes New in 2.1.28 reports: Escape password for SQL insert/update commands. Table of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2016-3074 Upstream summary: The PHP Group reports: BCMath: Fixed bug #72093 (bcpowmod accepts negative scale and corrupts _one_ definition). Exif: Fixed bug #72094 (Out […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Wagtail — XSS vulnerability Related CVEs: CVE-2020-11001 CVE-2020-11037 CVE-2020-15118 Upstream summary: GitHub Advisory Database: When a form page type is made available to Wagtail editors through the wagtail.contrib.forms app, and […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: znc — remote code execution vulnerability Related CVEs: CVE-2018-14055 CVE-2018-14056 CVE-2019-12816 CVE-2019-9917 CVE-2020-13775 CVE-2024-39844 Upstream summary: Mitre reports: In ZNC before 1.9.1, remote code execution can occur in modtcl via […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lxr — multiple XSS vulnerabilities Related CVEs: CVE-2009-4497 Upstream summary: Dan Rosenberg reports: There are several cross-site scripting vulnerabilities in LXR. These vulnerabilities could allow an attacker to execute scripts […]