FreeBSD 12

FreeBSD 12 — opensmtpd — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — opensmtpd — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: OpenSMTPd — LPE and RCE in OpenSMTPD's default install Related CVEs: CVE-2015-7687 CVE-2020-7247 CVE-2020-8793 CVE-2020-8794 Upstream summary: OpenSMTPD developers reports: An out of bounds read in smtpd allows an attacker […]

Read more
FreeBSD 12 — py39-flask-caching — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — py39-flask-caching — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-flask-caching — remote code execution or local privilege escalation vulnerabilities Related CVEs: CVE-2021-33026 Upstream summary: subnix reports: The Flask-Caching extension through 2.0.2 for Flask relies on Pickle for serialization, which […]

Read more
FreeBSD 12 — knot — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — knot — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: BIND,Knot,NSD,PowerDNS — denial over service via oversized zone transfers Related CVEs: CVE-2016-6170 CVE-2016-6171 CVE-2016-6172 CVE-2016-6173 Upstream summary: ISC reports: DNS protocols were designed with the assumption that a certain amount […]

Read more
FreeBSD 12 — cloud-init-devel — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — cloud-init-devel — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: cloud-init — sensitive data exposure in cloud-init logs Related CVEs: CVE-2023-1786 Upstream summary: [email protected] reports: Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could […]

Read more
FreeBSD 12 — chrony — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — chrony — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: chrony <= 3.5.1 data corruption through symlink vulnerability writing the pidfile Related CVEs: CVE-2015-1821 CVE-2015-1822 CVE-2015-1853 CVE-2020-14367 Upstream summary: Miroslav Lichvar reports: chrony-3.5.1 […] fixes a security issue in writing […]

Read more
FreeBSD 12 — linux-c7-curl — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — linux-c7-curl — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: curl — password overflow vulnerability Related CVEs: CVE-2017-8816 CVE-2017-8817 CVE-2017-8818 CVE-2018-14618 Upstream summary: curl security problems: CVE-2018-14618: NTLM password overflow via integer overflow The internal function Curl_ntlm_core_mk_nt_hash multiplies the length […]

Read more
FreeBSD 12 — py39-pymatgen — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — py39-pymatgen — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-pymatgen — regular expression denial of service Related CVEs: CVE-2022-42964 Upstream summary: An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an […]

Read more
FreeBSD 12 — libksba — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — libksba — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libksba — local denial of service vulnerabilities Related CVEs: CVE-2016-4353 CVE-2016-4354 CVE-2016-4355 CVE-2016-4356 Upstream summary: Martin Prpic, Red Hat Product Security Team, reports: Denial of Service due to stack overflow […]

Read more
FreeBSD 12 — linux-rl9-libxml — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — linux-rl9-libxml — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libxml2 — multiple vulnerabilities Related CVEs: CVE-2025-49794 CVE-2025-49795 CVE-2025-6021 CVE-2025-6170 Upstream summary: Alan Coopersmith reports: As discussed in https://gitlab.gnome.org/GNOME/libxml2/-/issues/913 the security policy of libxml2 has been changed to disclose vulnerabilities […]

Read more
FreeBSD 12 — py39-py — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — py39-py — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py39-py — Regular expression Denial of Service vulnerability Related CVEs: CVE-2022-42969 Upstream summary: SCH227 reports: The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular […]

Read more
CHAT