Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.


Entered Topic
2019-09-29 Exim -- heap-based buffer overflow in string_vformat leading to RCE
2019-09-06 Exim -- RCE with root privileges in TLS SNI handler
2019-07-25 Exim -- RCE in ${sort} expansion
2019-06-06 Exim -- RCE in deliver_message() function
2018-02-10 exim -- a buffer overflow vulnerability, remote code execution
2017-11-30 exim -- remote DoS attack in BDAT processing
2017-11-27 exim -- remote code execution, deny of service in BDAT
2017-06-21 exim -- Privilege escalation via multiple memory leaks
2016-12-25 exim -- DKIM private key leak
2016-03-02 exim -- local privillege escalation
2012-10-26 Exim -- remote code execution
2011-05-14 Exim -- remote code execution and information disclosure
2011-02-10 exim -- local privilege escalation
2011-01-08 exim -- local privilege escalation
2005-01-05 exim -- two buffer overflow vulnerabilities
2004-05-06 exim buffer overflow when verify = header_syntax is used