Package Management

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: redis,valkey — Out of bound read due to a bug in LUA Related CVEs: CVE-2024-31227 CVE-2024-31228 CVE-2024-31449 CVE-2024-46981 CVE-2024-51741 CVE-2025-21605 CVE-2025-27151 CVE-2025-32023  +5 more Upstream summary: redis reports: An authenticated […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2007-0905 CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988 CVE-2007-1001 Upstream summary: The PHP development team reports: Security Enhancements and Fixes in PHP 5.2.2 and PHP […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ejabberd — Potential DDoS in XML Parser Related CVEs: CVE-2009-0934 CVE-2010-0305 CVE-2011-1753 Upstream summary: ejabberd team reports: This release adds new options that limit max memory used by XML parser […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: XFCE tumbler — Vulnerability in the GStreamer plugin Upstream summary: The XFCE project reports: Added mime type check to the gst-thumbnailer plugin to fix an undisclosed vulnerability. Table of contents […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: gstreamer1-plugins-vorbis — Stack buffer-overflow in Vorbis decoder Related CVEs: CVE-2024-47538 Upstream summary: The GStreamer Security Center reports: Stack buffer-overflow in Vorbis decoder that can cause crashes for certain input files. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: w3m — format string vulnerability Related CVEs: CVE-2006-6772 Upstream summary: An anonymous person reports: w3m-0.5.1 crashes when using the -dump or -backend options to open a HTTPS URL with a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tiff — buffer overflow vulnerability Related CVEs: CVE-2004-0803 CVE-2004-0804 CVE-2004-0886 CVE-2004-1308 CVE-2005-1544 Upstream summary: A Gentoo Linux Security Advisory reports: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Vinyl/Varnish — HTTP/2 parsing deficiency Related CVEs: CVE-2013-4484 CVE-2017-8807 CVE-2022-23959 CVE-2023-43622 CVE-2023-44487 CVE-2025-30346 CVE-2025-8671 Upstream summary: Vinyl Development Team reports: A deficiency in HTTP/2 request parsing can be exploited to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: MySQL — Multiple vulnerabilities Upstream summary: Oracle reports: 36 new security patches for Oracle MySQL. 11 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: habari — Cross-Site Scripting Vulnerability Related CVEs: CVE-2008-4601 Upstream summary: Secunia reports: Input passed via the "habari_username" parameter when logging in is not properly sanitised before being returned to the […]