FreeBSD

FreeBSD 14 — php55-soap — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — php55-soap — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2015-6831 CVE-2015-6832 CVE-2015-6833 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838 Upstream summary: PHP reports: Core: Fixed bug #70172 (Use After Free Vulnerability in unserialize()). Fixed bug […]

Read more
FreeBSD 13 — ja-xlockmore — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — ja-xlockmore — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xlockmore — local exploit Related CVEs: CVE-2012-4524 Upstream summary: Ignatios Souvatzis of NetBSD reports: Due to an error in the dclock screensaver in xlockmore, users who explicitly use this screensaver […]

Read more
FreeBSD 14 — varnish — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — varnish — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Vinyl/Varnish — HTTP/2 parsing deficiency Related CVEs: CVE-2013-4484 CVE-2017-8807 CVE-2022-23959 CVE-2023-43622 CVE-2023-44487 CVE-2025-30346 CVE-2025-8671 Upstream summary: Vinyl Development Team reports: A deficiency in HTTP/2 request parsing can be exploited to […]

Read more
FreeBSD 15 — py311-borgbackup — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py311-borgbackup — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Borg (Backup) — flaw in cryptographic authentication scheme in Borg allowed an attacker to fake archives and indirectly cause backup data loss. Related CVEs: CVE-2023-36811 Upstream summary: Thomas Waldmann reports: […]

Read more
FreeBSD 14 — libgcrypt — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — libgcrypt — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libgcrypt — ECDSA timing attack Related CVEs: CVE-2013-4242 CVE-2015-7511 CVE-2016-6313 CVE-2017-0379 CVE-2017-7526 CVE-2018-0495 CVE-2019-13627 Upstream summary: GnuPG reports: Mitigate an ECDSA timing attack. Table of contents Symptom & Impact Environment […]

Read more
FreeBSD 15 — py37-treq — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py37-treq — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-treq — sensitive information leak vulnerability Related CVEs: CVE-2022-23607 Upstream summary: Treq's request methods (`treq.get`, `treq.post`, `HTTPClient.request`, `HTTPClient.get`, etc.) accept cookies as a dictionary. Such cookies are not bound to […]

Read more
FreeBSD 14 — php5-phar — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — php5-phar — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2015-5589 CVE-2015-5590 CVE-2015-6831 CVE-2015-6832 CVE-2015-6833 CVE-2015-7803 CVE-2015-7804 Upstream summary: PHP reports: Phar: Fixed bug #69720 (Null pointer dereference in phar_get_fp_offset()). Fixed bug #70433 (Uninitialized […]

Read more
FreeBSD 15 — py37-Flask-Cors — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py37-Flask-Cors — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-Flask-Cors — directory traversal vulnerability Related CVEs: CVE-2020-25032 Upstream summary: praetorian-colby-morgan reports: An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal […]

Read more
FreeBSD 14 — win32-codecs — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — win32-codecs — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: win32-codecs — multiple vulnerabilities Related CVEs: CVE-2006-4381 CVE-2006-4382 CVE-2006-4384 CVE-2006-4385 CVE-2006-4386 CVE-2006-4388 CVE-2006-4389 Upstream summary: The Apple Security Team reports that there are multiple vulnerabilities within QuickTime (one of the […]

Read more
FreeBSD 15 — py311-django-photologue — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py311-django-photologue — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-django-photologue — XSS vulnerability Related CVEs: CVE-2022-4526 Upstream summary: domiee13 reports: A vulnerability was found in django-photologue up to 3.15.1 and classified as problematic. Affected by this issue is some […]

Read more
CHAT