Troubleshooting

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: doas — Prevent passing of environment variables Upstream summary: Jesse Smith (upstream author of the doas program) reported: Previous versions of "doas" transferred most environment variables, such as USER, HOME, […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: urllib3 — multiple vulnerabilities Related CVEs: CVE-2018-20060 CVE-2019-11236 CVE-2019-11324 Upstream summary: NIST reports: (by search in the range 2018/01/01 – 2019/11/10): urllib3 before version 1.23 does not remove the Authorization […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: msmtp — certificate-verification issue Related CVEs: CVE-2019-8337 Upstream summary: msmtp developers report: In msmtp 1.8.2, when tls_trust_file has its default configuration, certificate-verification results are not properly checked. Table of contents […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: uudeview buffer overflows Upstream summary: The authors of UUDeview report repairing two buffer overflows in their software. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: security/trousers — several vulnerabilities Related CVEs: CVE-2020-24330 CVE-2020-24331 CVE-2020-24332 Upstream summary: the TrouSerS project reports reports: If the tcsd daemon is started with root privileges, it fails to drop the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pkg — vulnerability in libfetch Related CVEs: CVE-2013-6393 CVE-2020-7450 Upstream summary: A programming error allows an attacker who can specify a URL with a username and/or password components to overflow […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mailman < 2.1.38 — CSRF vulnerability of list mod or member against list admin page Related CVEs: CVE-2006-1712 CVE-2006-2191 CVE-2006-2941 CVE-2006-3636 CVE-2006-4624 CVE-2008-0564 CVE-2015-2775 CVE-2018-0618  +7 more Upstream summary: Mark […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: git — integer overflow Related CVEs: CVE-2015-7545 CVE-2016-2324 Upstream summary: Debian reports: integer overflow due to a loop which adds more to "len". Table of contents Symptom & Impact Environment […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: coturn — information leakage Related CVEs: CVE-2020-4067 Upstream summary: Felix Dörre reports: The issue is that STUN/TURN response buffer is not initialized properly. (CWE 665) This is a leak of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libsndfile — out-of-bounds reads Related CVEs: CVE-2017-12562 CVE-2017-14245 CVE-2017-14246 CVE-2017-14634 CVE-2017-17456 CVE-2017-17457 CVE-2017-6892 CVE-2017-7585  +7 more Upstream summary: Xin-Jiang on Github reports: CVE-2017-14245 (Medium): An out of bounds read in […]