Package Management

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libgcrypt — ECDSA timing attack Related CVEs: CVE-2013-4242 CVE-2015-7511 CVE-2016-6313 CVE-2017-0379 CVE-2017-7526 CVE-2018-0495 CVE-2019-13627 Upstream summary: GnuPG reports: Mitigate an ECDSA timing attack. Table of contents Symptom & Impact Environment […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: readstat — Heap buffer overflow in readstat_convert Upstream summary: Google reports: A heap buffer overflow exists in readstat_convert. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: nghttp2 — CWE-617: Reachable Assertion Related CVEs: CVE-2015-8659 CVE-2016-1544 CVE-2018-1000168 CVE-2019-9511 CVE-2019-9513 CVE-2020-11080 CVE-2026-27135 Upstream summary: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 reports: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Vieb — Remote Code Execution via Visiting Untrusted URLs Upstream summary: Zhengyu Liu, Jianjia Yu, Jelmer van Arnhem report: We discovered a remote code execution (RCE) vulnerability in the latest […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: IRC Services– Denial of Service Vulnerability Related CVEs: CVE-2007-6122 Upstream summary: Secunia reports: A vulnerability has been reported in IRC Services, which can be exploited by malicious people to cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Configobj — Regular Expression Denial of Service attack Related CVEs: CVE-2023-26112 Upstream summary: [email protected] reports: All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xmltooling — remote resource access Related CVEs: CVE-2015-2684 CVE-2018-0486 CVE-2018-0489 Upstream summary: Shibboleth consortium reports: An updated version of the XMLTooling library that is part of the OpenSAML and Shibboleth […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PyYAML — arbitrary code execution Related CVEs: CVE-2020-14343 Upstream summary: A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tt-rss — multiple vulnerabilities Related CVEs: CVE-2016-10033 CVE-2016-10045 CVE-2016-6175 CVE-2017-5223 CVE-2020-25787 CVE-2020-25788 CVE-2020-25789 Upstream summary: tt-rss project reports: The cached_url feature mishandles JavaScript inside an SVG document. imgproxy in plugins/af_proxy_http/init.php […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: oauth2-proxy — multiple vulnerabilities Related CVEs: CVE-2024-24784 CVE-2024-24786 CVE-2024-24790 CVE-2024-24791 CVE-2024-28180 CVE-2024-45288 CVE-2024-45338 CVE-2025-47914  +4 more Upstream summary: During session resumption in crypto/tls, if the underlying Config has its ClientCAs […]