FreeBSD

FreeBSD 14 — gstreamer1-rtsp-server — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — gstreamer1-rtsp-server — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: gstreamer1-rtsp-server — Potential Denial-of-Service (DoS) with specially crafted client requests Related CVEs: CVE-2024-44331 Upstream summary: Qingpeng Du reports: A series of specially crafted client requests during streaming setup (post client […]

Read more
FreeBSD 13 — lasso — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — lasso — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lasso — signature checking failure Related CVEs: CVE-2021-28091 Upstream summary: entrouvert reports: When AuthnResponse messages are not signed (which is permitted by the specifiation), all assertion's signatures should be checked, […]

Read more
FreeBSD 13 — py36-aiohttp — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py36-aiohttp — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: aiohttp — open redirect vulnerability Related CVEs: CVE-2021-21330 Upstream summary: Sviatoslav Sydorenko reports: Open redirect vulnerability — a maliciously crafted link to an aiohttp-based web-server could redirect the browser to […]

Read more
FreeBSD 13 — libvpx — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — libvpx — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: electron{22,24,25} — Heap buffer overflow in vp8 encoding in libvpx Related CVEs: CVE-2014-1578 CVE-2015-4485 CVE-2015-4486 CVE-2015-4506 CVE-2023-5217 Upstream summary: Electron developers report: This update fixes the following vulnerability: Security: backported […]

Read more
FreeBSD 14 — xmltooling — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — xmltooling — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xmltooling — remote resource access Related CVEs: CVE-2015-2684 CVE-2018-0486 CVE-2018-0489 Upstream summary: Shibboleth consortium reports: An updated version of the XMLTooling library that is part of the OpenSAML and Shibboleth […]

Read more
FreeBSD 12 — graylog — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — graylog — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: graylog — remote code execution in log4j from user-controlled log input Related CVEs: CVE-2021-44228 CVE-2021-45046 Upstream summary: Apache Software Foundation reports: It was found that the fix to address CVE-2021-44228 […]

Read more
FreeBSD 15 — extman — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — extman — security advisory — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: extman — password bypass vulnerability Upstream summary: Extmail team reports: Emergency update #4 fixes a serious security vulnerability. Successful exploit of this vulnerability would allow attacker to change user's password […]

Read more
FreeBSD 14 — plasma5-plasma-workspace — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — plasma5-plasma-workspace — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: plasma[56]-plasma-workspace — Unauthorized users can access session manager Related CVEs: CVE-2024-36041 Upstream summary: David Edmundson reports: KSmserver, KDE's XSMP manager, incorrectly allows connections via ICE based purely on the host, […]

Read more
FreeBSD 13 — python313t — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — python313t — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Python — The webbrowser.open() API allows leading dashes Related CVEs: CVE-2025-15366 CVE-2025-15367 CVE-2026-0865 CVE-2026-1299 CVE-2026-4519 Upstream summary: https://github.com/python/cpython/pull/143931 reports: The webbrowser.open() API would accept leading dashes in the URL which […]

Read more
FreeBSD 15 — upnp — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — upnp — multiple vulnerabilities (12 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: upnp — stack overflow vulnerability Related CVEs: CVE-2012-5958 CVE-2012-5959 CVE-2012-5960 CVE-2012-5961 CVE-2012-5962 CVE-2012-5963 CVE-2012-5964 CVE-2012-5965  +4 more Upstream summary: Mitre reports: A stack overflow in pupnp 1.16.1 can cause the […]

Read more
CHAT