Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: shadowsocks-libev — command injection via shell metacharacters Upstream summary: MITRE reports: Improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic. Table […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-twisted — cookie and authorization headers are leaked when following cross-origin redirects Related CVEs: CVE-2019-12387 CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 CVE-2020-10108 CVE-2020-10109 Upstream summary: Twisted developers report: Cookie and Authorization headers are […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: puppetdb — Potential SQL injection Related CVEs: CVE-2020-14060 CVE-2020-14061 CVE-2020-14062 CVE-2020-14195 CVE-2020-7943 CVE-2020-9548 CVE-2021-27021 CVE-2022-31197 Upstream summary: Puppet reports: The org.postgresql/postgresql driver has been updated to version 42.4.1 to address […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libgadu — multiple vulnerabilities Related CVEs: CVE-2005-1850 CVE-2005-1851 CVE-2005-1852 CVE-2005-2369 CVE-2005-2370 CVE-2005-2448 Upstream summary: Wojtek Kaniewski reports: Multiple vulnerabilities have been found in libgadu, a library for handling Gadu-Gadu instant […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: oniguruma — multiple vulnerabilities Related CVEs: CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 Upstream summary: the PHP project reports: A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-suds — vulnerable to symlink attacks Related CVEs: CVE-2013-2217 Upstream summary: SUSE reports: cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: hdf5 — multiple vulnerabilities Related CVEs: CVE-2016-4330 CVE-2016-4331 CVE-2016-4332 CVE-2016-4333 Upstream summary: Talos Security reports: CVE-2016-4330 (TALOS-2016-0176) – HDF5 Group libhdf5 H5T_ARRAY Code Execution Vulnerability CVE-2016-4331 (TALOS-2016-0177) – HDF5 Group […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-twisted — multiple vulnerabilities Related CVEs: CVE-2019-12387 CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 CVE-2020-10108 CVE-2020-10109 Upstream summary: Twisted developers reports: All HTTP clients in twisted.web.client now raise a ValueError when called with a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: p5-UI-Dialog — shell command execution vulnerability Related CVEs: CVE-2008-7315 Upstream summary: Matthijs Kooijman reports: It seems that the whiptail, cdialog and kdialog backends apply some improper escaping in their shell […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: SoftEtherVPN — multiple vulnerabilities Related CVEs: CVE-2023-22325 CVE-2023-27395 CVE-2023-27516 CVE-2023-31192 CVE-2023-32275 CVE-2023-32634 Upstream summary: Daiyuu Nobori reports: The SoftEther VPN project received a high level code review and technical assistance […]