FreeBSD

FreeBSD 12 — enscript-a — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — enscript-a — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: enscript — arbitrary code execution vulnerability Related CVEs: CVE-2004-1184 CVE-2004-1185 CVE-2004-1186 CVE-2008-3863 CVE-2008-4306 Upstream summary: Ulf Harnhammar of Secunia Research reports: Stack-based buffer overflow in the read_special_escape function in src/psgen.c […]

Read more
FreeBSD 12 — shtool — security advisory — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — shtool — security advisory — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: shtool — insecure temporary file creation Upstream summary: A Zataz advisory reports that shtool contains a security flaw which could allow a malicious local user to create or overwrite the […]

Read more
FreeBSD 12 — homebox — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — homebox — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: homebox — multiple vulnerabilities Related CVEs: CVE-2026-26272 CVE-2026-27600 CVE-2026-27981 Upstream summary: Homebox reports: [HIGH] CVE-2026-27981: Auth Rate Limit Bypass via IP Spoofing [MODERATE] CVE-2026-27600: Blind SSRF [MODERATE] CVE-2026-26272: Stored XSS […]

Read more
FreeBSD 13 — lightdm-kde-greeter — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — lightdm-kde-greeter — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lightdm-kde-greeter — Privilege Escalation from lightdm Service User to root Related CVEs: CVE-2025-62876 Upstream summary: SUSE Security Team reports: A Execution with Unnecessary Privileges vulnerability in lightdm-kde-greeter allows escalation from […]

Read more
FreeBSD 12 — phpmyfaq-php — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — phpmyfaq-php — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: phpmyfaq — multiple vulnerabilities Related CVEs: CVE-2023-5863 CVE-2023-5865 Upstream summary: phpMyFAQ team reports: Stored cross-site scripting (XSS) and unauthenticated config backup download vulnerability Table of contents Symptom & Impact Environment […]

Read more
FreeBSD 12 — yahoo-ui — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — yahoo-ui — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: YUI JavaScript library — JavaScript injection exploits in Flash components Related CVEs: CVE-2010-4207 CVE-2010-4208 CVE-2010-4209 CVE-2012-5881 CVE-2012-5882 Upstream summary: The YUI team reports: Vulnerability in YUI 2.4.0 through YUI 2.9.0 […]

Read more
FreeBSD 15 — py38-tflite — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py38-tflite — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-tflite — buffer overflow vulnerability Related CVEs: CVE-2021-37689 CVE-2022-41894 Upstream summary: Thibaut Goetghebuer-Planchon reports: The reference kernel of the CONV_3D_TRANSPOSE TensorFlow Lite operator wrongly increments the data_ptr when adding the […]

Read more
FreeBSD 13 — py310-dj52-social-auth-app-django — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py310-dj52-social-auth-app-django — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-social-auth-app-django — Unsafe account association Related CVEs: CVE-2025-61783 Upstream summary: Michal Čihař reports: Upon authentication, the user could be associated by e-mail even if the associate_by_email pipeline was not included. […]

Read more
FreeBSD 12 — libmysofa — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — libmysofa — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libmysoft — Heap-based buffer overflow vulnerability Related CVEs: CVE-2021-3756 Upstream summary: Zhengjie Du reports: There are some heap-buffer-overflows in mysofa2json of libmysofa. They are in function loudness, mysofa_check and readOHDRHeaderMessageDataLayout. […]

Read more
CHAT