FreeBSD

FreeBSD 13 — squirrelmail — multiple vulnerabilities (14 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — squirrelmail — multiple vulnerabilities (14 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: SquirrelMail — post-authentication access privileges Related CVEs: CVE-2004-1036 CVE-2005-0075 CVE-2005-0103 CVE-2005-0104 CVE-2005-1769 CVE-2005-2095 CVE-2006-0188 CVE-2006-0195  +6 more Upstream summary: Florian Grunow reports: An attacker able to exploit this vulnerability can […]

Read more
FreeBSD 13 — monotone — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — monotone — security advisory — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: monotone — remote denial of service in default setup Upstream summary: The monotone developers report: Running "mtn ''" or "mtn ls ''" doesn't cause an internal error anymore. In monotone […]

Read more
FreeBSD 15 — websvn — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — websvn — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: websvn — reflected cross-site scripting Related CVEs: CVE-2008-5918 CVE-2008-5919 CVE-2009-0240 CVE-2013-6892 CVE-2016-2511 Upstream summary: Sebastien Delafond reports: Jakub Palaczynski discovered that websvn, a web viewer for Subversion repositories, does not […]

Read more
FreeBSD 14 — apache-struts — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — apache-struts — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Apache Commons FileUpload — denial of service (DoS) vulnerability Related CVEs: CVE-2016-3092 Upstream summary: Mark Thomas reports: CVE-2016-3092 is a denial of service vulnerability that has been corrected in the […]

Read more
FreeBSD 12 — freexl — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — freexl — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Multiple exploitable heap-based buffer overflow vulnerabilities exists in FreeXL 1.0.3 Related CVEs: CVE-2015-2776 CVE-2017-2923 CVE-2017-2924 Upstream summary: Cisco TALOS reports: An exploitable heap based buffer overflow vulnerability exists in the […]

Read more
FreeBSD 13 — postgresql91-server — multiple vulnerabilities (14 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — postgresql91-server — multiple vulnerabilities (14 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PostgreSQL — Denial-of-Service and Code Injection Vulnerabilities Related CVEs: CVE-2014-8161 CVE-2015-0241 CVE-2015-0242 CVE-2015-0243 CVE-2015-0244 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167  +6 more Upstream summary: PostgreSQL project reports: Security Fixes nested CASE expressions + […]

Read more
FreeBSD 15 — py38-pysaml — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py38-pysaml — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pysaml2 — multiple vulnerabilities Related CVEs: CVE-2021-21238 CVE-2021-21239 Upstream summary: pysaml2 Releases: Fix processing of invalid SAML XML documents – CVE-2021-21238 Fix unspecified xmlsec1 key-type preference – CVE-2021-21239 Table of […]

Read more
FreeBSD 13 — zabbix-frontend — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — zabbix-frontend — security advisory — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: zabbix-frontend — multiple XSS vulnerabilities Upstream summary: Martina Matari reports: These URLs (hostgroups.php, usergrps.php) are vulnerable to persistent XSS attacks due to improper sanitation of gname variable when creating user […]

Read more
FreeBSD 12 — py312-social-auth-app-django — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — py312-social-auth-app-django — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-social-auth-app-django — Unsafe account association Related CVEs: CVE-2025-61783 Upstream summary: Michal Čihař reports: Upon authentication, the user could be associated by e-mail even if the associate_by_email pipeline was not included. […]

Read more
FreeBSD 14 — php56-xml — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — php56-xml — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2016-3074 Upstream summary: The PHP Group reports: BCMath: Fixed bug #72093 (bcpowmod accepts negative scale and corrupts _one_ definition). Exif: Fixed bug #72094 (Out […]

Read more
CHAT