Systemd Services

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: go — invalid headers are normalized, allowing request smuggling Related CVEs: CVE-2019-16276 Upstream summary: The Go project reports: net/http (through net/textproto) used to accept and normalize invalid HTTP/1.1 headers with […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2011-1148 CVE-2011-1938 CVE-2011-2202 CVE-2011-2483 Upstream summary: PHP development team reports: Security Enhancements and Fixes in PHP 5.3.7: Updated crypt_blowfish to 1.2. (CVE-2011-2483) Fixed crash […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-pymatgen — regular expression denial of service Related CVEs: CVE-2022-42964 Upstream summary: An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xv — exploitable buffer overflows Upstream summary: In a Bugtraq posting, infamous41md(at)hotpop.com reported: there are at least 5 exploitable buffer and heap overflows in the image handling code. this allows […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: doas — Prevent passing of environment variables Upstream summary: Jesse Smith (upstream author of the doas program) reported: Previous versions of "doas" transferred most environment variables, such as USER, HOME, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: fidogate — write files as `news' user Upstream summary: Neils Heinen reports that the setuid `news' binaries installed as part of fidogate may be used to create files or append […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: openafs — multiple vulnerabilities Related CVEs: CVE-2013-1794 CVE-2013-4134 CVE-2014-0159 CVE-2015-7762 CVE-2015-7763 CVE-2015-8312 CVE-2016-2860 CVE-2016-4536 Upstream summary: The OpenAFS development team reports: Foreign users can bypass access controls to create groups […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-gunicorn — CWE-113 vulnerability Related CVEs: CVE-2018-1000164 Upstream summary: Everardo reports: gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in process_headers function in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: isc-dhcpd — Denial of Service Related CVEs: CVE-2011-2748 CVE-2011-2749 CVE-2011-4539 CVE-2011-4868 CVE-2012-3570 CVE-2012-3571 CVE-2012-3954 CVE-2015-8605 Upstream summary: ISC reports: A badly formed packet with an invalid IPv4 UDP length field […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: msmtp — certificate-verification issue Related CVEs: CVE-2019-8337 Upstream summary: msmtp developers report: In msmtp 1.8.2, when tls_trust_file has its default configuration, certificate-verification results are not properly checked. Table of contents […]