Package Management

FreeBSD 13 — yahoo-ui — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟡 Medium   ⏱ 10–30 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: FreeBSD 13
Source: FreeBSD VuXML
VuXML topic: YUI JavaScript library — JavaScript injection exploits in Flash components
Related CVEs: CVE-2010-4207 CVE-2010-4208 CVE-2010-4209 CVE-2012-5881 CVE-2012-5882
Upstream summary: The YUI team reports: Vulnerability in YUI 2.4.0 through YUI 2.9.0 […]

FreeBSD 14 — varnish-libvmod-digest — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

🟢 Low   ⏱ 5–15 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: FreeBSD 14
Source: FreeBSD VuXML
VuXML topic: www/varnish-libvmod-digest — base64 decoding vulnerability
Related CVEs: CVE-2023-41104
Upstream summary: varnish developers report: Common usage of vmod-digest is for basic HTTP authentication, in which case it may be possible for […]

FreeBSD 12 — py311-pygments — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low   ⏱ 5–15 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: FreeBSD 12
Source: FreeBSD VuXML
VuXML topic: py-pygments — multiple DoS vulnerabilities
Related CVEs: CVE-2021-20270 CVE-2021-27291
Upstream summary: Red Hat reports: An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of […]

FreeBSD 15 — ap20-mod_pubcookie — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟢 Low   ⏱ 5–15 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: FreeBSD 15
Source: FreeBSD VuXML
VuXML topic: mod_pubcookie — Empty Authentication Security Advisory
Upstream summary: Nathan Dors, Pubcookie Project reports: An Abuse of Functionality vulnerability in the Pubcookie authentication process was found. This vulnerability allows an attacker […]

FreeBSD 13 — rubygem-activestorage — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟡 Medium   ⏱ 10–30 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: FreeBSD 13
Source: FreeBSD VuXML
VuXML topic: Rails — multiple vulnerabilities
Related CVEs: CVE-2020-8162 CVE-2020-8164 CVE-2020-8165 CVE-2020-8166 CVE-2020-8167
Upstream summary: Ruby on Rails blog: Hi everyone! Rails 5.2.4.3 and 6.0.3.1 have been released! These releases contain important […]

FreeBSD 15 — libraw — multiple vulnerabilities (11 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟠 High   ⏱ 15–60 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: FreeBSD 15
Source: FreeBSD VuXML
VuXML topic: libraw — multiple DoS vulnerabilities
Related CVEs: CVE-2015-3885 CVE-2015-8366 CVE-2015-8367 CVE-2017-14265 CVE-2017-14348 CVE-2017-14608 CVE-2017-16909 CVE-2017-16910 +3 more
Upstream summary: Secunia Research reports: CVE-2018-5800: An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function […]

FreeBSD 12 — php70-xml — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low   ⏱ 5–15 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: FreeBSD 12
Source: FreeBSD VuXML
VuXML topic: php — multiple vulnerabilities
Related CVEs: CVE-2016-3074
Upstream summary: The PHP Group reports: BCMath: Fixed bug #72093 (bcpowmod accepts negative scale and corrupts _one_ definition). Exif: Fixed bug #72094 (Out […]

FreeBSD 12 — py310-cryptography — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

🟢 Low   ⏱ 5–15 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: FreeBSD 12
Source: FreeBSD VuXML
VuXML topic: py-cryptography — includes a vulnerable copy of OpenSSL
Related CVEs: CVE-2023-0286 CVE-2023-23931
Upstream summary: pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography […]

FreeBSD 15 — cinny — multiple vulnerabilities (11 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟠 High   ⏱ 15–60 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: FreeBSD 15
Source: FreeBSD VuXML
VuXML topic: Matrix clients — mxc uri validation in js sdk
Related CVEs: CVE-2021-40823 CVE-2021-40824 CVE-2022-36059 CVE-2022-36060 CVE-2022-39236 CVE-2022-39249 CVE-2022-39250 CVE-2022-39251 +3 more
Upstream summary: matrix-js-sdk upstream reports: matrix-js-sdk before 34.11.0 is […]

FreeBSD 15 — vim6+ruby — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟢 Low   ⏱ 5–15 min   📖 ~4 min read
Last verified: 25 May 2026
Affected versions: FreeBSD 15
Source: FreeBSD VuXML
VuXML topic: vim6 — heap-based overflow while parsing shell metacharacters
Related CVEs: CVE-2008-3432
Upstream summary: Description for CVE-2008-3432 says: Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and […]
