Package Management

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libpng stack-based buffer overflow and other code concerns Related CVEs: CVE-2004-0421 CVE-2004-0597 CVE-2004-0598 CVE-2004-0599 Upstream summary: Chris Evans has discovered multiple vulnerabilities in libpng, which can be exploited by malicious […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: firebird — Remote Stack Buffer Overflow Related CVEs: CVE-2013-2492 Upstream summary: Firebird Project reports: The FirebirdSQL server is vulnerable to a stack buffer overflow that can be triggered when an […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xshisen — local buffer overflows Related CVEs: CVE-2003-1053 CVE-2005-0117 Upstream summary: Steve Kemp has found buffer overflows in the handling of the command line flag -KCONV and the XSHISENLIB environment […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: spamassassin — Malicious rule configuration (.cf) files can be configured to run system commands Related CVEs: CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 CVE-2018-11805 CVE-2019-12420 CVE-2020-1930 CVE-2020-1931  +1 more Upstream summary: The Apache […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: security/libsodium — crypto_core_ed25519_is_valid_point mishandles checks for whether an elliptic curve point is valid Related CVEs: CVE-2025-69277 Upstream summary: Libsodium maintainer reports: The function crypto_core_ed25519_is_valid_point(), a low-level function used to check […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-djblets — Self-XSS vulnerability Upstream summary: Djblets Release Notes reports: A recently-discovered vulnerability in the datagrid templates allows an attacker to generate a URL to any datagrid page containing malicious […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-dparse — REDoS vulnerability Related CVEs: CVE-2022-39280 Upstream summary: yeisonvargasf reports: dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contain a regular expression that is […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: django — multiple vulnerabilities Related CVEs: CVE-2009-3695 CVE-2010-3082 CVE-2014-0472 CVE-2014-0473 CVE-2014-0474 Upstream summary: The Django project reports: These releases address an unexpected code-execution issue, a caching issue which can expose […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: GNU cpio — multiple vulnerabilities Related CVEs: CVE-2014-9112 CVE-2015-1197 CVE-2016-2037 CVE-2019-14866 Upstream summary: Sergey Poznyakoff reports: This stable release fixes several potential vulnerabilities CVE-2015-1197: cpio, when using the –no-absolute-filenames option, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: qpress — directory traversal Related CVEs: CVE-2022-45866 Upstream summary: [email protected] reports: qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal […]