Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: security/openvpn-auth-ldap — Fix buffer overflow in challenge/response Related CVEs: CVE-2024-28820 Upstream summary: Graham Northup reports: A buffer overflow in extract_openvpn_cr allows attackers with a valid LDAP username and who can […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-ormar — vulnerabilities Related CVEs: CVE-2026-26198 CVE-2026-27953 Upstream summary: https://github.com/ormar-orm/ormar/security/advisories reports: SQL Injection in aggregate functions min() and max() Pydantic Validation Bypass via __pk_only__ and __excluded__ Kwargs Injection in Model […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: wget — multiple vulnerabilities Related CVEs: CVE-2004-1487 CVE-2004-1488 Upstream summary: Jan Minar reports that there exists multiple vulnerabilities in wget: Wget erroneously thinks that the current directory is a fair […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: postorius — XSS Related CVEs: CVE-2026-44742 Upstream summary: NIST reports: Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-ormar — vulnerabilities Related CVEs: CVE-2026-26198 CVE-2026-27953 Upstream summary: https://github.com/ormar-orm/ormar/security/advisories reports: SQL Injection in aggregate functions min() and max() Pydantic Validation Bypass via __pk_only__ and __excluded__ Kwargs Injection in Model […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: aacplusenc — denial of service Related CVEs: CVE-2017-14181 Upstream summary: Gentoo developers report: DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 allows remote attackers to cause a denial of service (invalid […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libtasn1 — Stack-based buffer overflow Related CVEs: CVE-2012-1569 CVE-2015-2806 CVE-2016-4008 CVE-2025-13151 Upstream summary: oss-security@ list reports: Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: drm graphics drivers — potential information disclusure via local access Related CVEs: CVE-2019-0154 CVE-2019-11112 CVE-2019-14615 Upstream summary: Intel reports: .A potential security vulnerability in Intel(R) Processor Graphics may allow information […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: comms/hylafax — Malformed fax sender remote code execution in JPEG support Related CVEs: CVE-2004-1182 CVE-2018-17141 Upstream summary: A malicious sender that sets both JPEG and MH,MR,MMR or JBIG in the […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Perl — heap buffer overflow when transliterating non-ASCII bytes Related CVEs: CVE-2015-8607 CVE-2016-1238 CVE-2016-6185 CVE-2024-56406 Upstream summary: 9b29abf9-4ab0-4765-b253-1875cd9b441e reports: A heap buffer overflow vulnerability was discovered in Perl. When there […]