Systemd Services

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xv — exploitable buffer overflows Upstream summary: In a Bugtraq posting, infamous41md(at)hotpop.com reported: there are at least 5 exploitable buffer and heap overflows in the image handling code. this allows […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: doas — Prevent passing of environment variables Upstream summary: Jesse Smith (upstream author of the doas program) reported: Previous versions of "doas" transferred most environment variables, such as USER, HOME, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: fidogate — write files as `news' user Upstream summary: Neils Heinen reports that the setuid `news' binaries installed as part of fidogate may be used to create files or append […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: openafs — multiple vulnerabilities Related CVEs: CVE-2013-1794 CVE-2013-4134 CVE-2014-0159 CVE-2015-7762 CVE-2015-7763 CVE-2015-8312 CVE-2016-2860 CVE-2016-4536 Upstream summary: The OpenAFS development team reports: Foreign users can bypass access controls to create groups […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-gunicorn — CWE-113 vulnerability Related CVEs: CVE-2018-1000164 Upstream summary: Everardo reports: gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in process_headers function in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: isc-dhcpd — Denial of Service Related CVEs: CVE-2011-2748 CVE-2011-2749 CVE-2011-4539 CVE-2011-4868 CVE-2012-3570 CVE-2012-3571 CVE-2012-3954 CVE-2015-8605 Upstream summary: ISC reports: A badly formed packet with an invalid IPv4 UDP length field […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: msmtp — certificate-verification issue Related CVEs: CVE-2019-8337 Upstream summary: msmtp developers report: In msmtp 1.8.2, when tls_trust_file has its default configuration, certificate-verification results are not properly checked. Table of contents […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: hsftp format string vulnerabilities Upstream summary: Ulf Härnhammar discovered a format string bug in hsftp's file listing code may allow a malicious server to cause arbitrary code execution by the […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: SquirrelMail — post-authentication access privileges Related CVEs: CVE-2004-1036 CVE-2005-0075 CVE-2005-0103 CVE-2005-0104 CVE-2005-1769 CVE-2005-2095 CVE-2006-0188 CVE-2006-0195  +6 more Upstream summary: Florian Grunow reports: An attacker able to exploit this vulnerability can […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: OpenVPN — out-of-bounds write in legacy key-method 1 Related CVEs: CVE-2017-12166 CVE-2017-7478 CVE-2017-7479 CVE-2017-7508 CVE-2017-7512 CVE-2017-7520 CVE-2017-7521 CVE-2017-7522 Upstream summary: Steffan Karger reports: The bounds check in read_key() was performed […]