FreeBSD 15

FreeBSD 15 — php71-exif — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — php71-exif — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PHP — Multiple vulnerabilities in EXIF module Related CVEs: CVE-2019-11034 CVE-2019-11035 Upstream summary: The PHP project reports: Heap-buffer-overflow in php_ifd_get32s (CVE-2019-11034) Heap-buffer-overflow in exif_iif_add_value (CVE-2019-11035) Table of contents Symptom & […]

Read more
FreeBSD 15 — consul — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — consul — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: consul — rpc: authorize raft requests Related CVEs: CVE-2017-15133 CVE-2020-25864 CVE-2020-28053 CVE-2021-28156 CVE-2021-37219 Upstream summary: Hashicorp reports: HashiCorp Consul Raft RPC layer allows non-server agents with a valid certificate signed […]

Read more
FreeBSD 15 — bacula-web — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — bacula-web — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Bacula-Web — Multiple Vulnerabilities Related CVEs: CVE-2021-26119 CVE-2021-26120 Upstream summary: Bacula-Web reports: Address Smarty CVE Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step […]

Read more
FreeBSD 15 — py37-pysaml — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py37-pysaml — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pysaml2 — multiple vulnerabilities Related CVEs: CVE-2021-21238 CVE-2021-21239 Upstream summary: pysaml2 Releases: Fix processing of invalid SAML XML documents – CVE-2021-21238 Fix unspecified xmlsec1 key-type preference – CVE-2021-21239 Table of […]

Read more
FreeBSD 15 — postgresql-client — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — postgresql-client — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: databases/postgresql*-client — multiple vulnerabilities Related CVEs: CVE-2009-4034 CVE-2009-4136 CVE-2012-0866 CVE-2012-0867 CVE-2012-0868 Upstream summary: The PostgreSQL Global Development Group reports: These vulnerabilities could allow users to define triggers that execute functions […]

Read more
FreeBSD 15 — py311-httpie — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py311-httpie — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-httpie — exposure of sensitive information vulnerabilities Related CVEs: CVE-2022-0430 CVE-2022-24737 Upstream summary: Glyph reports: HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help […]

Read more
FreeBSD 15 — rubygem-railties — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — rubygem-railties — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rails — multiple vulnerabilities Related CVEs: CVE-2013-4491 CVE-2013-6414 CVE-2013-6415 CVE-2013-6416 CVE-2013-6417 Upstream summary: Rails weblog: Rails 3.2.16 and 4.0.2 have been released! These two releases contain important security fixes, so […]

Read more
FreeBSD 15 — py313-strawberry-graphql — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py313-strawberry-graphql — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-strawberry-graphql — Multiple vulnerabilities Related CVEs: CVE-2026-35523 CVE-2026-35526 Upstream summary: The Strawberry GraphQL project reports: Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. […]

Read more
FreeBSD 15 — py312-dj52-strawberry-graphql — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py312-dj52-strawberry-graphql — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-strawberry-graphql — Multiple vulnerabilities Related CVEs: CVE-2026-35523 CVE-2026-35526 Upstream summary: The Strawberry GraphQL project reports: Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. […]

Read more
FreeBSD 15 — exim-ldap — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — exim-ldap — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: exim — local privilege escalation Related CVEs: CVE-2004-0400 CVE-2005-0021 CVE-2005-0022 CVE-2011-0017 Upstream summary: exim.org reports: CVE-2011-0017 – check return value of setuid/setgid. This is a privilege escalation vulnerability whereby the […]

Read more
CHAT