FreeBSD

FreeBSD 12 — py37-treq — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — py37-treq — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-treq — sensitive information leak vulnerability Related CVEs: CVE-2022-23607 Upstream summary: Treq's request methods (`treq.get`, `treq.post`, `HTTPClient.request`, `HTTPClient.get`, etc.) accept cookies as a dictionary. Such cookies are not bound to […]

Read more
FreeBSD 15 — kea-devel — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — kea-devel — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ISC KEA — Invalid characters cause assert Related CVEs: CVE-2025-11232 CVE-2025-40779 Upstream summary: Internet Systems Consortium, Inc. reports: To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" […]

Read more
FreeBSD 12 — sgeee — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — sgeee — security advisory — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: sge — local root exploit in bundled rsh executable Upstream summary: Sun Microsystems reports: The SGE 6.0u7_1 release fixes a security bug which can allow malicious users to gain root […]

Read more
FreeBSD 12 — apache-xml-security-c — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — apache-xml-security-c — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xml-security-c — crashes on malformed KeyInfo content Related CVEs: CVE-2013-2156 CVE-2013-2210 Upstream summary: The shibboleth project reports: SAML messages, assertions, and metadata all commonly make use of the XML Signature […]

Read more
FreeBSD 13 — traefik — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — traefik — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: traefik — Unauthorized exposure of the REST provider Related CVEs: CVE-2018-15598 CVE-2019-9512 CVE-2019-9514 CVE-2022-23469 CVE-2022-41721 CVE-2022-46153 CVE-2023-24534 CVE-2023-29013  +12 more Upstream summary: The traefik project releases a new version addressing […]

Read more
FreeBSD 14 — vim+ruby — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — vim+ruby — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: vim — vulnerabilities in modeline handling: glob, expand Related CVEs: CVE-2004-1138 CVE-2005-2368 Upstream summary: Georgi Guninski discovered a way to construct Vim modelines that execute arbitrary shell commands. The vulnerability […]

Read more
FreeBSD 15 — ru-bogofilter — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — ru-bogofilter — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bogofilter — RFC 2047 decoder denial-of-service vulnerability Related CVEs: CVE-2004-1007 Upstream summary: The bogofilter team has been provided with a test case of a malformatted (non-conformant) RFC-2047 encoded word that […]

Read more
FreeBSD 15 — lynx — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — lynx — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lynx — SSL certificate validation error Related CVEs: CVE-2005-3120 CVE-2014-3566 CVE-2016-9179 Upstream summary: Axel Beckert reports: […] I was able to capture the password given on the commandline in traffic […]

Read more
FreeBSD 15 — mupad — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — mupad — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xpm — image decoding vulnerabilities Related CVEs: CVE-2004-0687 CVE-2004-0688 Upstream summary: Chris Evans discovered several vulnerabilities in the libXpm image decoder: A stack-based buffer overflow in xpmParseColors An integer overflow […]

Read more
FreeBSD 14 — py27-pycrypto — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — py27-pycrypto — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pycrypto — PRNG reseed race condition Related CVEs: CVE-2013-1445 Upstream summary: Dwayne Litzenberger reports: In PyCrypto before v2.6.1, the Crypto.Random pseudo-random number generator (PRNG) exhibits a race condition that may […]

Read more
CHAT