Package Management

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ecartis — unauthorised access to admin interface Related CVEs: CVE-2003-0781 CVE-2003-0782 CVE-2004-0913 Upstream summary: A Debian security advisory reports: A problem has been discovered in ecartis, a mailing-list manager, which […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: WeeChat — Multiple vulnerabilities Related CVEs: CVE-2012-5854 CVE-2017-14727 CVE-2017-8073 CVE-2020-8955 Upstream summary: The Weechat project reports: Multiple integer and buffer overflows in WeeChat core. Table of contents Symptom & Impact […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: logstash-forwarder and logstash — susceptibility to POODLE vulnerability Upstream summary: Elastic reports: The combination of Logstash Forwarder and Lumberjack input (and output) was vulnerable to the POODLE attack in SSLv3 […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Jinja2 — Sandbox breakout through attr filter selecting format method Related CVEs: CVE-2024-34064 CVE-2025-27516 Upstream summary: [email protected] reports: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rubygem-redcarpet — XSS vulnerability Upstream summary: Daniel LeCheminant reports: When markdown is being presented as HTML, there seems to be a strange interaction between _ and @ that lets an […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: exim — local privilege escalation Related CVEs: CVE-2005-0021 CVE-2005-0022 CVE-2011-0017 Upstream summary: exim.org reports: CVE-2011-0017 – check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the Exim […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libproxy — stack-based buffer overflow Related CVEs: CVE-2012-4504 Upstream summary: Tomas Hoger reports: A buffer overflow flaw was discovered in the libproxy's url::get_pac() used to download proxy.pac proxy auto-configuration file. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bacula — Console ACL Bypass Related CVEs: CVE-2012-4430 Upstream summary: A security issue has been reported in Bacula, which can be exploited by malicious users to bypass certain security restrictions. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: sudo-rs — Authenticating user not recorded properly in timestamp Related CVEs: CVE-2025-64170 CVE-2025-64517 Upstream summary: Trifecta Tech Foundation reports: With Defaults targetpw (or Defaults rootpw) enabled, the password of the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take […]