Security Hardening

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: WebCalendar — multiple vulnerabilities Related CVEs: CVE-2012-0846 CVE-2012-1495 CVE-2012-1496 Upstream summary: Hanno Boeck reports: Fixes [are now available] for various security vulnerabilities including LFI (local file inclusion), XSS (cross site […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: OpenSSL — OOB memory access vulnerability Related CVEs: CVE-2023-5678 CVE-2023-6129 CVE-2023-6237 CVE-2024-0727 CVE-2024-2511 CVE-2024-4603 CVE-2024-4741 CVE-2024-5535  +2 more Upstream summary: The OpenSSL project reports: Low-level invalid GF(2^m) parameters lead to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-ormar — vulnerabilities Related CVEs: CVE-2026-26198 CVE-2026-27953 Upstream summary: https://github.com/ormar-orm/ormar/security/advisories reports: SQL Injection in aggregate functions min() and max() Pydantic Validation Bypass via __pk_only__ and __excluded__ Kwargs Injection in Model […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: kdelibs — integer overflow in khtml Related CVEs: CVE-2005-0396 CVE-2006-4811 Upstream summary: Red Hat reports: An integer overflow flaw was found in the way Qt handled pixmap images. The KDE […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rpm4 — Multiple Vulnerabilities Related CVEs: CVE-2021-3521 CVE-2021-35938 CVE-2021-35939 Upstream summary: rpm project reports: Fix intermediate symlinks not verified (CVE-2021-35939). Fix subkey binding signatures not checked on PGP public keys […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: kibana4 — XSS vulnerability Related CVEs: CVE-2015-8131 Upstream summary: Elastic reports: Fixes XSS vulnerability (CVE pending) – Thanks to Vladimir Ivanov for responsibly reporting. Table of contents Symptom & Impact […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xpm — image decoding vulnerabilities Related CVEs: CVE-2004-0687 CVE-2004-0688 Upstream summary: Chris Evans discovered several vulnerabilities in the libXpm image decoder: A stack-based buffer overflow in xpmParseColors An integer overflow […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: evince and atril — command injection vulnerability in CBT handler Related CVEs: CVE-2006-5864 CVE-2017-1000083 Upstream summary: GNOME reports: The comic book backend in evince 3.24.0 (and earlier) is vulnerable to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Emacs — Arbitrary code execution vulnerability Related CVEs: CVE-2022-45939 CVE-2022-48337 CVE-2022-48338 CVE-2022-48339 CVE-2024-30202 CVE-2024-30203 CVE-2024-30204 CVE-2024-30205  +2 more Upstream summary: Problem Description A shell injection vulnerability exists in GNU Emacs […]