FreeBSD 15

FreeBSD 15 — zgv — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — zgv — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: zgv, xzgv — heap overflow vulnerability Related CVEs: CVE-2004-0994 CVE-2006-1060 Upstream summary: Gentoo reports: Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with […]

Read more
FreeBSD 15 — py34-cryptography — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py34-cryptography — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-cryptography — tag forgery vulnerability Related CVEs: CVE-2016-9243 CVE-2018-10903 Upstream summary: The Python Cryptographic Authority (PyCA) project reports: finalize_with_tag() allowed tag truncation by default which can allow tag forgery in […]

Read more
FreeBSD 15 — dovecot-pigeonhole — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — dovecot-pigeonhole — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: dovecot-pigeonhole — Sieve excessive resource usage Related CVEs: CVE-2019-11500 CVE-2020-28200 Upstream summary: Dovecot team reports reports: Sieve interpreter is not protected against abusive scripts that claim excessive resource usage. Fixed […]

Read more
FreeBSD 15 — stunnel — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — stunnel — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: stunnel — Remote Code Execution Related CVEs: CVE-2011-2940 CVE-2013-1762 Upstream summary: Michal Trojnara reports: 64-bit versions of stunnel with the following conditions: * NTLM authentication enabled * CONNECT protocol negotiation […]

Read more
FreeBSD 15 — ossec-hids-client — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — ossec-hids-client — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: security/ossec-hids-* — root escalation via syscheck feature Related CVEs: CVE-2014-5284 CVE-2015-3222 Upstream summary: OSSEC reports: The CVE-2015-3222 vulnerability, which allows for root escalation via sys check has been fixed in […]

Read more
FreeBSD 15 — groovy — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — groovy — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: groovy — remote execution of untrusted code/DoS vulnerability Related CVEs: CVE-2015-3253 CVE-2016-6814 Upstream summary: The Apache Groovy project reports: When an application with Groovy on classpath uses standard Java serialization […]

Read more
FreeBSD 15 — pear-Horde_Image — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — pear-Horde_Image — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pear-Horde_Image — DoS vulnerability Related CVEs: CVE-2017-9773 CVE-2017-9774 Upstream summary: Michael J Rubinsky reports: The second vulnerability (CVE-2017-9773) is a DOS vulnerability. This only affects Horde installations that do not […]

Read more
FreeBSD 15 — ark — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — ark — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ark — extraction outside of extraction directory Related CVEs: CVE-2020-16116 CVE-2020-24654 Upstream summary: Albert Astals Cid reports: Overview A maliciously crafted TAR archive containing symlink entries would install files anywhere […]

Read more
FreeBSD 15 — py36-urllib — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py36-urllib — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: urllib3 — multiple vulnerabilities Related CVEs: CVE-2018-20060 CVE-2019-11236 CVE-2019-11324 Upstream summary: NIST reports: (by search in the range 2018/01/01 – 2019/11/10): urllib3 before version 1.23 does not remove the Authorization […]

Read more
CHAT