FreeBSD Security Advisory - FreeBSD-SA-26:31.arm64

FreeBSD Security Advisory - Some Arm CPUs have errata where the ordering of stores and the TLBI+DSB sequence may be incorrect. If one CPU stores to a virtual address while another CPU invalidates the translation for that address, the second CPU's TLBI+DSB may complete before the first CPU's store...

FreeBSD-SA-26:29.ip6_multicast

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:29.ip6multicast Security Advisory The FreeBSD Project Topic: Use-after-free bug in the IPV6MSFILTER socket option handler Category: core Module: ip6multicast...

CVE-2026-4748

creationtimestamp| type| source ---|---|--- 2026-03-27 13:50:17+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/freebsd-security-advisory-av26-291 2026-04-01 08:40:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3migc73qfpe2i 2026-04-01 16:30:00+00:00| seen|...

FreeBSD Security Advisory - FreeBSD-SA-26:07.nvmf

FreeBSD Security Advisory - On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID...

CVE-2025-15576

creationtimestamp| type| source ---|---|--- 2026-02-27 16:51:02+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/freebsd-security-advisory-av26-179 2026-02-28 16:20:03+00:00| seen| https://bsky.app/profile/thedailytechfeed.com/post/3mfwmwwxhm22q...

FreeBSD : mail/mailpit -- Cross-Site WebSocket Hijacking (d822839e-ee4f-11f0-b53e-0897988a1c07)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d822839e-ee4f-11f0-b53e-0897988a1c07 advisory. Mailpit author reports: The Mailpit WebSocket server is configured to accept connections from any origi...

FreeBSD : Forgejo -- Symbolic Link (Symlink) Following (963f4e9d-e4d5-11f0-984f-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 963f4e9d-e4d5-11f0-984f-b42e991fc52e advisory. https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/13.0.2.md reports:...

FreeBSD-SA-25:12.rtsold

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-25:12.rtsold Security Advisory The FreeBSD Project Topic: Remote code execution via ND6 Router Advertisements Category: core Module: rtsold Announced: 2025-12-1...

FreeBSD Security Advisory - FreeBSD-SA-25:12.rtsold

FreeBSD Security Advisory - The rtsol8 and rtsold8 programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf8 unmodified. resolvconf8 is a shell script which does not validate its input. A lack of quoting meant that...

FreeBSD Security Advisory - FreeBSD-SA-25:10.unbound

FreeBSD Security Advisory - Promiscuous NS RRSets that complement DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are used to update the resolver's knowledge of the zone's name servers. If a malicious...

FreeBSD : unbound -- Possible domain hijacking via promiscuous records in the authority section (ea1c485f-b025-11f0-bce7-bc2411002f50)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ea1c485f-b025-11f0-bce7-bc2411002f50 advisory. [email protected] reports: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possib...

EUVD-2016-7480

Malware in sbrugna...

FreeBSD : dnsdist -- Denial of service via crafted DoH exchange (c2253bff-9952-11f0-b6e2-6805ca2fa271)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c2253bff-9952-11f0-b6e2-6805ca2fa271 advisory. [email protected] reports: In some circumstances, when DNSdist is configured to use the nghttp2...

FreeBSD : Mozilla -- memory safety bugs (07335fb9-7eb1-11f0-ba14-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 07335fb9-7eb1-11f0-ba14-b42e991fc52e advisory. [email protected] reports: Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of...

FreeBSD : p5-Authen-SASL -- Insecure source of randomness (defe9a20-781e-11f0-97c4-40b034429ecf)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the defe9a20-781e-11f0-97c4-40b034429ecf advisory. p5-Authen-SASL project reports: Authen::SASL::Perl::DIGESTMD5 versions 2.04 through 2.1800 for Perl...

PlayStation: Use-after-free in setsockopt IPV6_2292PKTOPTIONS (CVE-2020-7457)

The PS5 is vulnerable to https://hackerone.com/reports/826026 which easily grants kernel access to an attacker. This vulnerability had been reported by me for the PS4 2 years ago when the PS5 did not yet exist, thus this should be considered as a new report and not a duplicate. I was able to use...

Slackware: Security Advisory (SSA:2006-257-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD Ports: ImageMagick, ImageMagick-nox11

The remote host is missing an update to the system as announced in the referenced advisory. VID b6cad7f3-fb59-11d8-9837-000c41e2cdad OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

[Full-Disclosure] Advisory: Heimdal kadmind version4 remote heap overflow

Name: Heimdal kadmind version4 remote heap overflow Date: 6 May 2004 CVE candidate: CAN-2004-0434 Author: Evgeny Demidov Description: There exists a remote preauth heap overflow vulnerability in Heimdal kadmind version4 support. All versions of Heimdal including 0.6.1 are known to be vulnerable...

FreeBSD-SA-04:08.heimdal

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:08.heimdal Security Advisory The FreeBSD Project Topic: heimdal cross-realm trust vulnerability Category: core Module: cryptoheimdal Announced: 2004-05-05...