Systemd Services

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-treq — sensitive information leak vulnerability Related CVEs: CVE-2022-23607 Upstream summary: Treq's request methods (`treq.get`, `treq.post`, `HTTPClient.request`, `HTTPClient.get`, etc.) accept cookies as a dictionary. Such cookies are not bound to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Openfire administration console authentication bypass Related CVEs: CVE-2008-1728 CVE-2008-6508 CVE-2008-6509 CVE-2008-6510 CVE-2008-6511 CVE-2009-0496 CVE-2009-0497 CVE-2009-1595  +2 more Upstream summary: [email protected] reports: Openfire's administrative console, a web-based application, was found to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: exim — local privilege escalation Related CVEs: CVE-2004-0400 CVE-2005-0021 CVE-2005-0022 CVE-2011-0017 Upstream summary: exim.org reports: CVE-2011-0017 – check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pycrypto — PRNG reseed race condition Related CVEs: CVE-2013-1445 Upstream summary: Dwayne Litzenberger reports: In PyCrypto before v2.6.1, the Crypto.Random pseudo-random number generator (PRNG) exhibits a race condition that may […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rubygem-geminabox — XSS vulnerabilities Related CVEs: CVE-2017-14506 CVE-2017-14683 CVE-2017-16792 Upstream summary: NVD reports: Stored cross-site scripting (XSS) vulnerability in "geminabox" (Gem in a Box) before 0.13.10 allows attackers to inject […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-flask-security — user redirect to arbitrary URL vulnerability Related CVEs: CVE-2021-23385 Upstream summary: Snyk reports: This affects all versions of package Flask-Security. When using the `get_post_logout_redirect` and `get_post_login_redirect` functions, it […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ruby — UTF-7 encoding XSS vulnerability in WEBrick Related CVEs: CVE-2006-5467 CVE-2006-6303 CVE-2008-1447 CVE-2008-2726 CVE-2008-3655 CVE-2008-3656 CVE-2008-3905 CVE-2009-1904  +1 more Upstream summary: The official ruby site reports: WEBrick have had […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: BIND,Knot,NSD,PowerDNS — denial over service via oversized zone transfers Related CVEs: CVE-2016-6170 CVE-2016-6171 CVE-2016-6172 CVE-2016-6173 Upstream summary: ISC reports: DNS protocols were designed with the assumption that a certain amount […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take […]