FreeBSD

FreeBSD 13 — tor-devel — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — tor-devel — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tor — security regression Related CVEs: CVE-2009-0414 CVE-2009-0936 CVE-2009-0937 CVE-2009-0938 CVE-2010-1676 CVE-2011-0427 CVE-2014-5117 CVE-2017-0377 Upstream summary: The Tor Project reports: Tor 0.3.0.9 fixes a path selection bug that would allow […]

Read more
FreeBSD 13 — postgresql12-server — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — postgresql12-server — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PostgreSQL — SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID Related CVEs: CVE-2020-1720 CVE-2021-23214 CVE-2021-23222 CVE-2021-3677 CVE-2022-1552 CVE-2024-10976 CVE-2024-10978 CVE-2024-7348 Upstream summary: PostgreSQL project reports: Incorrect privilege assignment […]

Read more
FreeBSD 15 — apache_fp — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — apache_fp — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: apache — Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long) Related CVEs: CVE-2005-2088 CVE-2005-3352 CVE-2006-3747 Upstream summary: Apache ChangeLog reports: Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c […]

Read more
FreeBSD 13 — named — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — named — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: FreeBSD — Predictable query ids in named(8) Related CVEs: CVE-2007-0493 CVE-2007-0494 CVE-2007-2926 Upstream summary: Problem Description: When named(8) is operating as a recursive DNS server or sending NOTIFY requests to […]

Read more
FreeBSD 14 — tauthon — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — tauthon — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tauthon — Regular Expression Denial of Service Related CVEs: CVE-2020-8492 Upstream summary: The :class:`~urllib.request.AbstractBasicAuthHandler` class of the :mod:`urllib.request` module uses an inefficient regular expression which can be exploited by an […]

Read more
FreeBSD 12 — py310-WsgiDAV — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — py310-WsgiDAV — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-WsgiDAV — XSS vulnerability Related CVEs: CVE-2022-41905 Upstream summary: Implementations using this library with directory browsing enabled may be susceptible to Cross Site Scripting (XSS) attacks. Table of contents Symptom […]

Read more
FreeBSD 12 — mod_pubcookie — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — mod_pubcookie — security advisory — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mod_pubcookie — cross site scripting vulnerability Upstream summary: Nathan Dors of the Pubcookie Project reports: Non-persistent XSS vulnerabilities were found in the Pubcookie Apache module (mod_pubcookie) and ISAPI filter. These […]

Read more
FreeBSD 15 — sudo-rs — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — sudo-rs — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: sudo-rs — Authenticating user not recorded properly in timestamp Related CVEs: CVE-2025-64170 CVE-2025-64517 Upstream summary: Trifecta Tech Foundation reports: With Defaults targetpw (or Defaults rootpw) enabled, the password of the […]

Read more
FreeBSD 14 — postgresql95-client — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — postgresql95-client — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PostgreSQL vulnerabilities Related CVEs: CVE-2016-5423 CVE-2016-5424 Upstream summary: The PostgreSQL project reports: Security Fixes nested CASE expressions + database and role names with embedded special characters CVE-2017-7484: selectivity estimators bypass […]

Read more
CHAT