Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ipython — Execution with Unnecessary Privileges Related CVEs: CVE-2022-21699 Upstream summary: IPython project reports: IPython 8.0.1, 7.31.1 and 5.11 are security releases that change some default values in order to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: gnupg — attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output Related CVEs: CVE-2016-6313 Upstream summary: Werner Koch reports: There was a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ipsec-tools — remotely exploitable computational-complexity attack Related CVEs: CVE-2008-3651 CVE-2008-3652 CVE-2016-10396 Upstream summary: Robert Foggia via NetBSD GNATS reports: The ipsec-tools racoon daemon contains a remotely exploitable computational complexity attack […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: horde-imp — XSS vulnerability Upstream summary: The Horde team reports: Thanks to Naumann IT Security Consulting for reporting the XSS vulnerability. The major changes compared to IMP version H3 (4.3.7) […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: trafficserver — resource consumption Related CVEs: CVE-2012-0256 CVE-2014-3525 CVE-2020-9494 Upstream summary: Bryan Call reports: ATS is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mitmproxy — Insufficient Protection against HTTP Request Smuggling Related CVEs: CVE-2022-24766 Upstream summary: Zeyu Zhang reports: In mitmproxy 7.0.4 and below, a malicious client or server is able to perform […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: spotipy — CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Related CVEs: CVE-2025-66040 Upstream summary: https://github.com/spotipy-dev/spotipy/security/advisories/GHSA-r77h-rpp9-w2xm reports: Spotipy is a Python library for the Spotify Web API. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xterm — DECRQSS remote command execution vulnerability Related CVEs: CVE-2008-2383 Upstream summary: SecurityFocus reports: The xterm program is prone to a remote command-execution vulnerability because it fails to sufficiently validate […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: minio — Privilege Escalation via Session Policy Bypass in Service Accounts and STS Related CVEs: CVE-2021-41137 CVE-2021-43858 CVE-2022-24842 CVE-2024-24747 CVE-2024-36107 CVE-2025-62506 Upstream summary: mino reports: A privilege escalation vulnerability allows […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: activemq — Unsafe deserialization Related CVEs: CVE-2015-5254 CVE-2016-0734 CVE-2016-0782 Upstream summary: Alvaro Muatoz, Matthias Kaiser and Christian Schneider reports: JMS Object messages depends on Java Serialization for marshaling/unmashaling of the […]