FreeBSD 12

FreeBSD 12 — apache+mod_ssl+mod_snmp+mod_accel+ipv — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — apache+mod_ssl+mod_snmp+mod_accel+ipv — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: apache — Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long) Related CVEs: CVE-2005-2088 CVE-2005-3352 CVE-2006-3747 Upstream summary: Apache ChangeLog reports: Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c […]

Read more
FreeBSD 12 — py38-configobj — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — py38-configobj — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Configobj — Regular Expression Denial of Service attack Related CVEs: CVE-2023-26112 Upstream summary: [email protected] reports: All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) […]

Read more
FreeBSD 12 — pdftohtml — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — pdftohtml — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xpdf — stack based buffer overflow Related CVEs: CVE-2004-1125 CVE-2005-0064 CVE-2007-3387 Upstream summary: The KDE Team reports: kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains a vulnerability […]

Read more
FreeBSD 12 — lynx — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — lynx — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lynx — SSL certificate validation error Related CVEs: CVE-2005-3120 CVE-2014-3566 CVE-2016-9179 Upstream summary: Axel Beckert reports: […] I was able to capture the password given on the commandline in traffic […]

Read more
FreeBSD 12 — openjdk7-jre — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — openjdk7-jre — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: java — multiple vulnerabilities Related CVEs: CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842  +12 more Upstream summary: Oracle reports: This Critical Patch Update contains 25 new security fixes for […]

Read more
FreeBSD 12 — tinymce — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — tinymce — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: TinyMCE — mXSS in multiple plugins Related CVEs: CVE-2023-48219 Upstream summary: TinyMCE reports: Special characters in unescaped text nodes can trigger mXSS when using TinyMCE undo/redo, getContentAPI, resetContentAPI, and Autosave […]

Read more
FreeBSD 12 — varnish-libvmod-digest — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — varnish-libvmod-digest — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: www/varnish-libvmod-digest — base64 decoding vulnerability Related CVEs: CVE-2023-41104 Upstream summary: varnish developers report: Common usage of vmod-digest is for basic HTTP authentication, in which case it may be possible for […]

Read more
FreeBSD 12 — py314-spotipy — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — py314-spotipy — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: spotipy — CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Related CVEs: CVE-2025-66040 Upstream summary: https://github.com/spotipy-dev/spotipy/security/advisories/GHSA-r77h-rpp9-w2xm reports: Spotipy is a Python library for the Spotify Web API. […]

Read more
FreeBSD 12 — py313-pdfminer.six — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — py313-pdfminer.six — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-pdfminer.six — Arbitrary Code Execution in pdfminer.six via Crafted PDF Input Related CVEs: CVE-2025-64512 Upstream summary: Pieter Marsman reports: pdfminer.six will execute arbitrary code from a malicious pickle file if […]

Read more
FreeBSD 12 — py312-social-auth-app-django — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — py312-social-auth-app-django — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-social-auth-app-django — Unsafe account association Related CVEs: CVE-2025-61783 Upstream summary: Michal Čihař reports: Upon authentication, the user could be associated by e-mail even if the associate_by_email pipeline was not included. […]

Read more
CHAT