FreeBSD

FreeBSD 15 — mod_access_referer — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — mod_access_referer — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mod_access_referer — null pointer dereference vulnerability Related CVEs: CVE-2003-1054 Upstream summary: A malformed Referer header field causes the Apache ap_parse_uri_components function to discard it with the result that a pointer […]

Read more
FreeBSD 15 — horde — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — horde — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: horde — XSS vulnerabilities Related CVEs: CVE-2005-0961 CVE-2005-3759 CVE-2006-1491 CVE-2006-2195 CVE-2006-3548 CVE-2015-8807 CVE-2016-2228 Upstream summary: The Horde Team reports: Fixed XSS vulnerabilities in menu bar and form renderer. Table of […]

Read more
FreeBSD 15 — viewcvs — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — viewcvs — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: viewcvs — information leakage Related CVEs: CVE-2004-0915 Upstream summary: The hide_cvsroot and forbidden configuration options are not properly honored by viewcvs when exporting to a tar file which can lead […]

Read more
FreeBSD 15 — py39-social-auth-app-django — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py39-social-auth-app-django — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-social-auth-app-django — Unsafe account association Related CVEs: CVE-2024-32879 CVE-2025-61783 Upstream summary: Michal Čihař reports: Upon authentication, the user could be associated by e-mail even if the associate_by_email pipeline was not […]

Read more
FreeBSD 15 — serendipity — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — serendipity — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: serendipity — XSS Related CVEs: CVE-2008-1385 CVE-2008-1386 CVE-2019-11870 Upstream summary: MITRE: Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/media_choose.tpl Editor Preview feature or the […]

Read more
FreeBSD 14 — bacula — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — bacula — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bacula — Console ACL Bypass Related CVEs: CVE-2012-4430 Upstream summary: A security issue has been reported in Bacula, which can be exploited by malicious users to bypass certain security restrictions. […]

Read more
FreeBSD 13 — openttd — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — openttd — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: OpenTTD — Denial of service using forcefully crashed aircrafts Related CVEs: CVE-2010-2534 CVE-2010-4168 CVE-2011-3341 CVE-2011-3342 CVE-2011-3343 CVE-2012-0049 CVE-2012-3436 CVE-2013-6411 Upstream summary: The OpenTTD Team reports: The problem is caused by […]

Read more
FreeBSD 13 — elasticsearch — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — elasticsearch — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: textproc/elasticsearch6 — field disclosure flaw Related CVEs: CVE-2014-3120 CVE-2014-6439 CVE-2015-1427 CVE-2015-3337 CVE-2015-4165 CVE-2015-5377 CVE-2015-5531 CVE-2020-7019 Upstream summary: Elastic reports: A field disclosure flaw was found in Elasticsearch when running a […]

Read more
FreeBSD 15 — gdk-pixbuf — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — gdk-pixbuf — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: gdk-pixbuf2 — a heap buffer overflow Related CVEs: CVE-2004-0782 CVE-2004-0783 CVE-2004-0788 CVE-2015-4491 CVE-2015-7673 CVE-2015-7674 CVE-2025-7345 Upstream summary: [email protected] reports: A flaw exists in gdk-pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and […]

Read more
FreeBSD 15 — xmltooling — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — xmltooling — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xmltooling — remote resource access Related CVEs: CVE-2015-2684 CVE-2018-0486 CVE-2018-0489 Upstream summary: Shibboleth consortium reports: An updated version of the XMLTooling library that is part of the OpenSAML and Shibboleth […]

Read more
CHAT