FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  524234
Date:      2020-01-27
Time:      01:38:10Z
Committer: timur

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
0c6b008d-35c4-11e6-8e82-002590263bf5flash -- multiple vulnerabilities

Adobe reports:

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-1105, CVE-2016-4117).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4110, CVE-2016-4121).

These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-1101).

These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2016-1103).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, CVE-2016-4163).

These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4116).


Discovery 2016-05-12
Entry 2016-06-19
linux-c6-flashplugin
linux-c6_64-flashplugin
linux-f10-flashplugin
lt 11.2r202.621

CVE-2016-1096
CVE-2016-1097
CVE-2016-1098
CVE-2016-1099
CVE-2016-1100
CVE-2016-1101
CVE-2016-1102
CVE-2016-1103
CVE-2016-1104
CVE-2016-1105
CVE-2016-1106
CVE-2016-1107
CVE-2016-1108
CVE-2016-1109
CVE-2016-1110
CVE-2016-4108
CVE-2016-4109
CVE-2016-4110
CVE-2016-4111
CVE-2016-4112
CVE-2016-4113
CVE-2016-4114
CVE-2016-4115
CVE-2016-4116
CVE-2016-4117
CVE-2016-4120
CVE-2016-4121
CVE-2016-4160
CVE-2016-4161
CVE-2016-4162
CVE-2016-4163
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
2482c798-93c6-11e6-846f-bc5ff4fb5ea1flash -- multiple vulnerabilities

Adobe reports:

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2016-6992).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-6981, CVE-2016-6987).

These updates resolve a security bypass vulnerability (CVE-2016-4286).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, CVE-2016-6990).


Discovery 2016-10-11
Entry 2016-10-24
linux-c6-flashplugin
linux-c6_64-flashplugin
linux-c7-flashplugin
linux-f10-flashplugin
lt 11.2r202.637

CVE-2016-4273
CVE-2016-4286
CVE-2016-6981
CVE-2016-6982
CVE-2016-6983
CVE-2016-6984
CVE-2016-6985
CVE-2016-6986
CVE-2016-6987
CVE-2016-6989
CVE-2016-6990
CVE-2016-6992
https://helpx.adobe.com/security/products/flash-player/apsb16-32.html
de6d01d5-9c44-11e6-ba67-0011d823eebdflash -- remote code execution

Adobe reports:

Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address a critical vulnerability that could potentially allow an attacker to take control of the affected system.

Adobe is aware of a report that an exploit for CVE-2016-7855 exists in the wild, and is being used in limited, targeted attacks against users running Windows versions 7, 8.1 and 10.


Discovery 2016-10-26
Entry 2016-10-27
linux-f10-flashplugin
linux-c6-flashplugin
linux-c7-flashplugin
lt 11.2r202.643

CVE-2016-7855
https://helpx.adobe.com/security/products/flash-player/apsb16-36.html
0e3dfdde-35c4-11e6-8e82-002590263bf5flash -- multiple vulnerabilities

Adobe reports:

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-4144, CVE-2016-4149).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4142, CVE-2016-4143, CVE-2016-4145, CVE-2016-4146, CVE-2016-4147, CVE-2016-4148).

These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2016-4135, CVE-2016-4136, CVE-2016-4138).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4137, CVE-2016-4141, CVE-2016-4150, CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154, CVE-2016-4155, CVE-2016-4156, CVE-2016-4166, CVE-2016-4171).

These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4140).

These updates resolve a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2016-4139).


Discovery 2016-06-16
Entry 2016-06-19
linux-c6-flashplugin
linux-c6_64-flashplugin
linux-f10-flashplugin
lt 11.2r202.626

CVE-2016-4122
CVE-2016-4123
CVE-2016-4124
CVE-2016-4125
CVE-2016-4127
CVE-2016-4128
CVE-2016-4129
CVE-2016-4130
CVE-2016-4131
CVE-2016-4132
CVE-2016-4133
CVE-2016-4134
CVE-2016-4135
CVE-2016-4136
CVE-2016-4137
CVE-2016-4138
CVE-2016-4139
CVE-2016-4140
CVE-2016-4141
CVE-2016-4142
CVE-2016-4143
CVE-2016-4144
CVE-2016-4145
CVE-2016-4146
CVE-2016-4147
CVE-2016-4148
CVE-2016-4149
CVE-2016-4150
CVE-2016-4151
CVE-2016-4152
CVE-2016-4153
CVE-2016-4154
CVE-2016-4155
CVE-2016-4156
CVE-2016-4166
CVE-2016-4171
https://helpx.adobe.com/security/products/flash-player/apsb16-18.html
96f6bf10-a731-11e6-95ca-0011d823eebdflash -- multiple vulnerabilities

Adobe reports:

  • These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-7860, CVE-2016-7861, CVE-2016-7865).
  • These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-7857, CVE-2016-7858, CVE-2016-7859, CVE-2016-7862, CVE-2016-7863, CVE-2016-7864).

Discovery 2016-11-08
Entry 2016-11-10
linux-c6-flashplugin
linux-c7-flashplugin
linux-f10-flashplugin
lt 11.2r202.644

https://helpx.adobe.com/security/products/flash-player/apsb16-37.html
CVE-2016-7857
CVE-2016-7858
CVE-2016-7859
CVE-2016-7860
CVE-2016-7861
CVE-2016-7862
CVE-2016-7863
CVE-2016-7864
CVE-2016-7865
a522d6ac-4aed-11e6-97ea-002590263bf5flash -- multiple vulnerabilities

Adobe reports:

These updates resolve a race condition vulnerability that could lead to information disclosure (CVE-2016-4247).

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-4223, CVE-2016-4224, CVE-2016-4225).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, CVE-2016-4248).

These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-4249).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, CVE-2016-4246).

These updates resolve a memory leak vulnerability (CVE-2016-4232).

These updates resolve stack corruption vulnerabilities that could lead to code execution (CVE-2016-4176, CVE-2016-4177).

These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2016-4178).


Discovery 2016-07-12
Entry 2016-07-16
linux-c6-flashplugin
linux-c6_64-flashplugin
linux-f10-flashplugin
lt 11.2r202.632

CVE-2016-4172
CVE-2016-4173
CVE-2016-4174
CVE-2016-4175
CVE-2016-4176
CVE-2016-4177
CVE-2016-4178
CVE-2016-4179
CVE-2016-4180
CVE-2016-4181
CVE-2016-4182
CVE-2016-4183
CVE-2016-4184
CVE-2016-4185
CVE-2016-4186
CVE-2016-4187
CVE-2016-4188
CVE-2016-4189
CVE-2016-4190
CVE-2016-4217
CVE-2016-4218
CVE-2016-4219
CVE-2016-4220
CVE-2016-4221
CVE-2016-4222
CVE-2016-4223
CVE-2016-4224
CVE-2016-4225
CVE-2016-4226
CVE-2016-4227
CVE-2016-4228
CVE-2016-4229
CVE-2016-4230
CVE-2016-4231
CVE-2016-4232
CVE-2016-4233
CVE-2016-4234
CVE-2016-4235
CVE-2016-4236
CVE-2016-4237
CVE-2016-4238
CVE-2016-4239
CVE-2016-4240
CVE-2016-4241
CVE-2016-4242
CVE-2016-4243
CVE-2016-4244
CVE-2016-4245
CVE-2016-4246
CVE-2016-4247
CVE-2016-4248
CVE-2016-4249
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html
f7b3d1eb-f738-11e5-a710-0011d823eebdflash -- multiple vulnerabilities

Adobe reports:

These updates resolve integer overflow vulnerabilities that could lead to code execution (CVE-2016-0963, CVE-2016-0993, CVE-2016-1010).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, CVE-2016-1000).

These updates resolve a heap overflow vulnerability that could lead to code execution (CVE-2016-1001).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, CVE-2016-1005).


Discovery 2016-03-10
Entry 2016-03-31
linux-c6-flashplugin
linux-f10-flashplugin
linux-c6_64-flashplugin
lt 11.2r202.577

CVE-2016-0960
CVE-2016-0961
CVE-2016-0962
CVE-2016-0963
CVE-2016-0986
CVE-2016-0987
CVE-2016-0988
CVE-2016-0989
CVE-2016-0990
CVE-2016-0991
CVE-2016-0992
CVE-2016-0993
CVE-2016-0994
CVE-2016-0995
CVE-2016-0996
CVE-2016-0997
CVE-2016-0998
CVE-2016-0999
CVE-2016-1000
CVE-2016-1001
CVE-2016-1002
CVE-2016-1005
CVE-2016-1010
https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
5d8e56c3-9e67-4d5b-81c9-3a409dfd705fflash -- multiple vulnerabilities

Adobe reports:

These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2016-0985).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984).

These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-0971).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981).


Discovery 2016-02-09
Entry 2016-02-10
linux-c6-flashplugin
linux-f10-flashplugin
linux-c6_64-flashplugin
lt 11.2r202.569

CVE-2016-0964
CVE-2016-0965
CVE-2016-0966
CVE-2016-0967
CVE-2016-0968
CVE-2016-0969
CVE-2016-0970
CVE-2016-0971
CVE-2016-0972
CVE-2016-0973
CVE-2016-0974
CVE-2016-0975
CVE-2016-0976
CVE-2016-0977
CVE-2016-0978
CVE-2016-0979
CVE-2016-0980
CVE-2016-0981
CVE-2016-0982
CVE-2016-0983
CVE-2016-0984
CVE-2016-0985
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
07888b49-35c4-11e6-8e82-002590263bf5flash -- multiple vulnerabilities

Adobe reports:

These updates harden a mitigation against JIT spraying attacks that could be used to bypass memory layout randomization mitigations (CVE-2016-1006).

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-1015, CVE-2016-1019).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, CVE-2016-1017, CVE-2016-1031).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, CVE-2016-1033).

These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2016-1018).

These updates resolve a security bypass vulnerability (CVE-2016-1030).

These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-1014).


Discovery 2016-04-07
Entry 2016-06-19
linux-c6-flashplugin
linux-c6_64-flashplugin
linux-f10-flashplugin
lt 11.2r202.616

CVE-2016-1006
CVE-2016-1011
CVE-2016-1012
CVE-2016-1013
CVE-2016-1014
CVE-2016-1015
CVE-2016-1016
CVE-2016-1017
CVE-2016-1018
CVE-2016-1019
CVE-2016-1020
CVE-2016-1021
CVE-2016-1022
CVE-2016-1023
CVE-2016-1024
CVE-2016-1025
CVE-2016-1026
CVE-2016-1027
CVE-2016-1028
CVE-2016-1029
CVE-2016-1030
CVE-2016-1031
CVE-2016-1032
CVE-2016-1033
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html