Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: automake — Insecure 'distcheck' recipe granted world-writable distdir Related CVEs: CVE-2012-3386 Upstream summary: GNU reports: The recipe of the 'distcheck' target granted temporary world-write permissions on the extracted distdir. This […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pygments — shell injection vulnerability Related CVEs: CVE-2015-8557 Upstream summary: NVD reports: The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: fcgi — Heap-based buffer overflow via crafted nameLen/valueLen in ReadParams Related CVEs: CVE-2025-23016 Upstream summary: [email protected] reports: FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: global — gozilla vulnerability Related CVEs: CVE-2017-17531 Upstream summary: MITRE reports: gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mpack — Information disclosure Related CVEs: CVE-2011-4919 Upstream summary: The oss-security list reports: Incorrect permissions on temporary files can lead to information disclosure. Table of contents Symptom & Impact Environment […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: hadoop2 — unauthorized disclosure of data vulnerability Related CVEs: CVE-2014-0230 CVE-2014-7810 CVE-2015-1776 Upstream summary: Arun Suresh reports: RPC traffic from clients, potentially including authentication credentials, may be intercepted by a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: exim — local privilege escalation Related CVEs: CVE-2004-0400 CVE-2005-0021 CVE-2005-0022 CVE-2011-0017 Upstream summary: exim.org reports: CVE-2011-0017 – check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xpm — image decoding vulnerabilities Related CVEs: CVE-2004-0687 CVE-2004-0688 Upstream summary: Chris Evans discovered several vulnerabilities in the libXpm image decoder: A stack-based buffer overflow in xpmParseColors An integer overflow […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: evince and atril — command injection vulnerability in CBT handler Related CVEs: CVE-2017-1000083 Upstream summary: GNOME reports: The comic book backend in evince 3.24.0 (and earlier) is vulnerable to a […]