Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: potrace — multiple memory failure Related CVEs: CVE-2016-8685 CVE-2016-8686 Upstream summary: potrace reports: CVE-2016-8685: invalid memory access in findnext CVE-2016-8686: memory allocation failure Table of contents Symptom & Impact Environment […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: vlc — Use after free vulnerability Related CVEs: CVE-2016-5108 CVE-2018-11529 Upstream summary: Mitre reports: VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ruby — XML round-trip vulnerability in REXML Related CVEs: CVE-2021-28965 Upstream summary: Juho Nurminen reports: When parsing and serializing a crafted XML document, REXML gem (including the one bundled with […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: chocolate-doom — Arbitrary code execution Related CVEs: CVE-2020-14983 Upstream summary: Michal Dardas from LogicalTrust reports: The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: kdelibs — local DCOP denial of service vulnerability Related CVEs: CVE-2004-1165 CVE-2005-0365 CVE-2005-0396 Upstream summary: A KDE Security Advisory reports: Sebastian Krahmer of the SUSE LINUX Security Team reported a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: seatd-launch — remove files with escalated privileges with SUID Related CVEs: CVE-2021-41387 CVE-2022-25643 Upstream summary: Kenny Levinsen reports: seatd-launch could use a user-specified socket path instead of the internally generated […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: zgrep — arbitrary file write Related CVEs: CVE-2005-0988 CVE-2005-1228 CVE-2006-4334 CVE-2006-4335 CVE-2006-4336 CVE-2006-4337 CVE-2006-4338 CVE-2022-1271 Upstream summary: RedHat reports: An arbitrary file write vulnerability was found in GNU gzip's zgrep […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pyblosxom — atom flavor multiple XML injection vulnerabilities Upstream summary: Security Focus reports: PyBlosxom is prone to multiple XML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: trafficserver — resource consumption Related CVEs: CVE-2012-0256 CVE-2014-3525 CVE-2020-9494 Upstream summary: Bryan Call reports: ATS is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: unarj — long filename buffer overflow Related CVEs: CVE-2004-0947 CVE-2004-1027 Upstream summary: Ludwig Nussel has discovered a buffer overflow vulnerability in unarj's handling of long filenames which could potentially lead […]