FreeBSD

FreeBSD 15 — gzip — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — gzip — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: zgrep — arbitrary file write Related CVEs: CVE-2005-0988 CVE-2005-1228 CVE-2006-4334 CVE-2006-4335 CVE-2006-4336 CVE-2006-4337 CVE-2006-4338 CVE-2022-1271 Upstream summary: RedHat reports: An arbitrary file write vulnerability was found in GNU gzip's zgrep […]

Read more
FreeBSD 12 — kdebase — multiple vulnerabilities (14 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — kdebase — multiple vulnerabilities (14 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: KDM — local privilege escalation vulnerability Related CVEs: CVE-2004-0717 CVE-2004-0718 CVE-2004-0721 CVE-2004-1156 CVE-2004-1157 CVE-2004-1158 CVE-2004-1160 CVE-2004-1171  +6 more Upstream summary: KDE Security Advisory reports: KDM contains a race condition that […]

Read more
FreeBSD 14 — mariadb-connector-c — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — mariadb-connector-c — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: MariaDB — Vulnerability in C API Related CVEs: CVE-2020-2574 Upstream summary: MariaDB reports: Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. […]

Read more
FreeBSD 12 — enscript-letterdj — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — enscript-letterdj — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: enscript — arbitrary code execution vulnerability Related CVEs: CVE-2004-1184 CVE-2004-1185 CVE-2004-1186 CVE-2008-3863 CVE-2008-4306 Upstream summary: Ulf Harnhammar of Secunia Research reports: Stack-based buffer overflow in the read_special_escape function in src/psgen.c […]

Read more
FreeBSD 15 — cabextract — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — cabextract — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: cabextract — directory traversal with UTF-8 symbols in filenames Related CVEs: CVE-2004-0916 CVE-2014-9556 CVE-2015-2060 Upstream summary: Cabextract ChangeLog reports: It was possible for cabinet files to extract to absolute file […]

Read more
FreeBSD 12 — ansible — multiple vulnerabilities (13 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — ansible — multiple vulnerabilities (13 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ansible – Vault password leak from temporary file Related CVEs: CVE-2013-2233 CVE-2013-4259 CVE-2013-4260 CVE-2014-4678 CVE-2014-4966 CVE-2015-3908 CVE-2015-6240 CVE-2016-3096  +5 more Upstream summary: Borja Tarraso reports: A flaw was found in […]

Read more
FreeBSD 13 — py310-dj51-social-auth-app-django — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py310-dj51-social-auth-app-django — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-social-auth-app-django — Unsafe account association Related CVEs: CVE-2025-61783 Upstream summary: Michal Čihař reports: Upon authentication, the user could be associated by e-mail even if the associate_by_email pipeline was not included. […]

Read more
FreeBSD 13 — py39-cairosvg — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py39-cairosvg — security advisory — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: CairoSVG — Regular Expression Denial of Service vulnerability Upstream summary: CairoSVG security advisories: When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regular […]

Read more
FreeBSD 13 — rubygem-cgi — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — rubygem-cgi — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rubygem-cgi — HTTP response splitting vulnerability Related CVEs: CVE-2021-33621 CVE-2021-41816 CVE-2021-41819 Upstream summary: Hiroshi Tokumaru reports: If an application that generates HTTP responses using the cgi gem with untrusted user […]

Read more
CHAT