Package Management

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: jetty — multiple vulnerability Related CVEs: CVE-2007-5613 CVE-2007-5614 CVE-2007-5615 CVE-2007-6672 Upstream summary: Greg Wilkins reports: jetty allows remote attackers to bypass protection mechanisms and read the source of files via […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: virtualenv — CWE-59: Improper Link Resolution Before File Access ('Link Following') Related CVEs: CVE-2026-22702 Upstream summary: https://github.com/pypa/virtualenv/security/advisories/GHSA-597g-3phw-6986 reports: virtualenv is a tool for creating isolated virtual python environments. Prior to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: id Tech 3 — remote code execution vulnerability Related CVEs: CVE-2017-6903 Upstream summary: The content auto-download of id Tech 3 can be used to deliver maliciously crafted content, that triggers […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: quagga — BGP OPEN denial of service vulnerability Related CVEs: CVE-2012-0249 CVE-2012-0250 CVE-2012-0255 CVE-2012-1820 Upstream summary: CERT reports: If a pre-configured BGP peer sends a specially-crafted OPEN message with a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: wordpress — multiple issues Upstream summary: wordpress developers reports: This security and maintenance release features 1 bug fix in addition to 3 security fixes. Because this is a security release, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Ruby Activemodel Gem — Circumvention of attr_protected Related CVEs: CVE-2013-0276 Upstream summary: Aaron Patterson reports: The attr_protected method allows developers to specify a blacklist of model attributes which users should […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libpng stack-based buffer overflow and other code concerns Related CVEs: CVE-2004-0597 CVE-2004-0598 CVE-2004-0599 Upstream summary: Chris Evans has discovered multiple vulnerabilities in libpng, which can be exploited by malicious people […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Vaultwarden — Multiple vulnerabilities Related CVEs: CVE-2024-39924 CVE-2024-39925 CVE-2024-39926 CVE-2025-24364 CVE-2025-24365 Upstream summary: The Vaultwarden project reports: GHSA-937x-3j8m-7w7p Unconfirmed Owner Can Purge Entire Organization Vault. GHSA-569v-845w-g82p Cross-Org Group Binding Enables […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: curl — password overflow vulnerability Related CVEs: CVE-2017-8816 CVE-2017-8817 CVE-2017-8818 CVE-2018-14618 Upstream summary: curl security problems: CVE-2018-14618: NTLM password overflow via integer overflow The internal function Curl_ntlm_core_mk_nt_hash multiplies the length […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: scponly — local privilege escalation exploits Upstream summary: Max Vozeler reports: If ALL the following conditions are true, administrators using scponly-4.1 or older may be at risk of a local […]