FreeBSD 15

FreeBSD 15 — ipython — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — ipython — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: devel/ipython — multiple vulnerabilities Related CVEs: CVE-2015-4706 CVE-2015-4707 CVE-2015-5607 CVE-2015-6938 CVE-2015-7337 Upstream summary: Matthias Bussonnier reports: Summary: Local folder name was used in HTML templates without escaping, allowing XSS in […]

Read more
FreeBSD 15 — mod_dav_svn-lts — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — mod_dav_svn-lts — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Subversion — Multiple vulnerabilities in server code Related CVEs: CVE-2021-28544 CVE-2022-24070 Upstream summary: Subversion project reports: Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization […]

Read more
FreeBSD 15 — opendmarc — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — opendmarc — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: OpenDMARC – Remote denial of service Related CVEs: CVE-2019-16378 CVE-2019-20790 CVE-2020-12272 CVE-2020-12460 CVE-2021-34555 Upstream summary: OpenDMARC 1.4.1 and 1.4.1.1 will dereference a NULL pointer when encountering a multi-value From: header […]

Read more
FreeBSD 15 — github-release-monitor — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — github-release-monitor — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: github-release-monitor — multiple vulnerabilities Related CVEs: CVE-2025-55183 CVE-2025-55184 Upstream summary: https://nextjs.org/blog/security-update-2025-12-11 reports: Description (Medium) Source Code Exposure: CVE-2025-55183 A specifically crafted HTTP request can cause a Server Function to return […]

Read more
FreeBSD 15 — py311-strawberry-graphql — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py311-strawberry-graphql — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-strawberry-graphql — Multiple vulnerabilities Related CVEs: CVE-2026-35523 CVE-2026-35526 Upstream summary: The Strawberry GraphQL project reports: Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. […]

Read more
FreeBSD 15 — sdl2_sound — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — sdl2_sound — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: sdl2_sound — multiple vulnerabilities Related CVEs: CVE-2023-45676 CVE-2023-45677 CVE-2023-45680 CVE-2023-45681 CVE-2023-45682 Upstream summary: GitHub Security Lab reports: stb_image.h and stb_vorbis libraries contain several memory access violations of different severity Wild […]

Read more
FreeBSD 15 — py313-ormar — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py313-ormar — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-ormar — vulnerabilities Related CVEs: CVE-2026-26198 CVE-2026-27953 Upstream summary: https://github.com/ormar-orm/ormar/security/advisories reports: SQL Injection in aggregate functions min() and max() Pydantic Validation Bypass via __pk_only__ and __excluded__ Kwargs Injection in Model […]

Read more
FreeBSD 15 — libtasn — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — libtasn — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libtasn1 — Stack-based buffer overflow Related CVEs: CVE-2012-1569 CVE-2015-2806 CVE-2016-4008 CVE-2025-13151 Upstream summary: oss-security@ list reports: Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size […]

Read more
FreeBSD 15 — jakarta-tomcat — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — jakarta-tomcat — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tomcat — XSS vulnerability in sample applications Related CVEs: CVE-2005-2090 CVE-2007-0450 CVE-2007-1355 CVE-2007-1358 Upstream summary: The Apache Project reports: The JSP and Servlet included in the sample application within the […]

Read more
FreeBSD 15 — py27-bleach — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py27-bleach — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-bleach — regular expression denial-of-service Related CVEs: CVE-2020-6817 Upstream summary: Bleach developers reports: bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to […]

Read more
CHAT