Systemd Services

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-yaml — FullLoader (still) exploitable for arbitrary command execution Related CVEs: CVE-2017-18342 CVE-2020-1747 Upstream summary: Riccardo Schirone (https://github.com/ret2libc) reports: In FullLoader python/object/new constructor, implemented by construct_python_object_apply, has support for setting […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mambo — multiple SQL injection vulnerabilities Related CVEs: CVE-2005-2002 CVE-2006-0871 CVE-2006-1794 CVE-2006-3262 CVE-2006-3263 Upstream summary: James Bercegay reports: Mambo is vulnerable to an Authentication Bypass issue that is due to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PostgreSQL — Multiple vulnerabilities Related CVEs: CVE-2025-12817 CVE-2025-12818 CVE-2026-6472 CVE-2026-6473 CVE-2026-6474 CVE-2026-6475 CVE-2026-6476 CVE-2026-6477  +5 more Upstream summary: The PostgreSQL project reports: Missing authorization in PostgreSQL CREATE TYPE allows an […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libzip — integer overflow Related CVEs: CVE-2015-2331 Upstream summary: libzip developers report: Avoid integer overflow. Fixed similarly to patch used in PHP copy of libzip. Table of contents Symptom & […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Wagtail — potential timing attack vulnerability Related CVEs: CVE-2020-11001 CVE-2020-11037 Upstream summary: Wagtail release notes: CVE-2020-11037: Potential timing attack on password-protected private pages This release addresses a potential timing attack […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Enhanced cTorrent — stack-based overflow Related CVEs: CVE-2009-1759 Upstream summary: Securityfocus reports: cTorrent and dTorrent are prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: soft-serve — Remote code execution vulnerability Related CVEs: CVE-2024-41956 Upstream summary: soft-serve team reports: Arbitrary code execution by crafting git ssh requests It is possible for a user who can […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: screen — multiple vulnerabilities Related CVEs: CVE-2006-4573 CVE-2015-6806 CVE-2025-23395 CVE-2025-46802 CVE-2025-46803 CVE-2025-46804 CVE-2025-46805 Upstream summary: The screen project reports: Multiple security issues in screen. Table of contents Symptom & Impact […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: QtNetworkAuth — predictable seeding of PRNG in QAbstractOAuth Related CVEs: CVE-2024-36048 Upstream summary: Andy Shaw reports: The OAuth1 implementation in QtNetworkAuth created nonces using a PRNG that was seeded with […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lynx — SSL certificate validation error Related CVEs: CVE-2005-3120 CVE-2014-3566 CVE-2016-9179 Upstream summary: Axel Beckert reports: […] I was able to capture the password given on the commandline in traffic […]