Systemd Services

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ejabberd — Potential DDoS in XML Parser Related CVEs: CVE-2009-0934 CVE-2010-0305 CVE-2011-1753 Upstream summary: ejabberd team reports: This release adds new options that limit max memory used by XML parser […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Slixmpp — Lack of SSL Certificate hostname validation in XMLStream Related CVEs: CVE-2022-45197 Upstream summary: NIST reports: Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: fd_set — bitmap index overflow in multiple applications Upstream summary: 3APA3A reports: If programmer fails to check socket number before using select() or fd_set macros, it's possible to overwrite memory […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-matrix-synapse — federation denial of service via malformed events Related CVEs: CVE-2022-31052 CVE-2024-31208 CVE-2024-37302 CVE-2024-37303 CVE-2024-52805 CVE-2024-52815 CVE-2024-53863 CVE-2024-53867  +1 more Upstream summary: element-hq/synapse developers report: A malicious server can […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: fail2ban — possible RCE vulnerability in mailing action using mailutils Related CVEs: CVE-2021-32749 Upstream summary: Jakub Żoczek reports: Command mail from mailutils package used in mail actions like mail-whois can […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: apache — Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long) Related CVEs: CVE-2005-2088 CVE-2005-3352 CVE-2006-3747 Upstream summary: Apache ChangeLog reports: Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: caldera — Remote Code Execution Related CVEs: CVE-2025-27364 Upstream summary: MITRE Caldera contributor report: In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ha — Directory traversals Related CVEs: CVE-2015-1198 Upstream summary: Alexander Cherepanov reports: Version 0.999b and older of ha archiver is susceptible to directory traversal vulnerabilities via absolute and relative paths. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Plex Media Server — security vulnerability Related CVEs: CVE-2018-13415 CVE-2021-42835 Upstream summary: Plex Security Team reports: We have recently been made aware of a security vulnerability in Plex Media Server […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: asterisk — remote heap overwrite vulnerability Upstream summary: Adam Boileau of Security-Assessment.com reports: The Asterisk Skinny channel driver for Cisco SCCP phones (chan_skinny.so) incorrectly validates a length value in the […]