Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: RabbitMQ-C — auth credentials visible in commandline tool options Related CVEs: CVE-2019-18609 CVE-2023-35789 Upstream summary: hadmut reports: This C library includes 2 command-line tools that can take credentials as command-line […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: QtNetwork — potential buffer overflow Related CVEs: CVE-2023-51714 Upstream summary: Andy Shaw reports: A potential integer overflow has been discovered in Qt's HTTP2 implementation. If the HTTP2 implementation receives more […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lftp — multiple HTTP client download filename vulnerability Related CVEs: CVE-2003-0963 CVE-2010-2251 Upstream summary: The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: p5-XSLoader — local arbitrary code execution Related CVEs: CVE-2016-6185 Upstream summary: Jakub Wilk reports: XSLoader tries to load code from a subdirectory in the cwd when called inside a string […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: SquirrelMail — post-authentication access privileges Related CVEs: CVE-2004-1036 CVE-2005-0075 CVE-2005-0103 CVE-2005-0104 CVE-2005-1769 CVE-2005-2095 CVE-2006-0188 CVE-2006-0195  +6 more Upstream summary: Florian Grunow reports: An attacker able to exploit this vulnerability can […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: kde-runtime — kdesu: displayed command truncated by unicode string terminator Related CVEs: CVE-2013-7252 CVE-2014-8600 CVE-2016-7787 Upstream summary: Albert Aastals Cid reports: A maliciously crafted command line for kdesu can result […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-pdfminer.six — Arbitrary Code Execution in pdfminer.six via Crafted PDF Input Related CVEs: CVE-2025-64512 Upstream summary: Pieter Marsman reports: pdfminer.six will execute arbitrary code from a malicious pickle file if […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Prosody XMPP server advisory 2026-04-29 Related CVEs: CVE-2016-0756 CVE-2016-1231 CVE-2016-1232 CVE-2021-32917 CVE-2021-32918 CVE-2021-32919 CVE-2021-32920 CVE-2021-32921  +6 more Upstream summary: The Prosody team reports: Traffic patterns were discovered which can cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: expat — denial of service vulnerability on malformed input Related CVEs: CVE-2016-0718 Upstream summary: Gustavo Grieco reports: The Expat XML parser mishandles certain kinds of malformed input documents, resulting in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pysaml2 — multiple vulnerabilities Related CVEs: CVE-2021-21238 CVE-2021-21239 Upstream summary: pysaml2 Releases: Fix processing of invalid SAML XML documents – CVE-2021-21238 Fix unspecified xmlsec1 key-type preference – CVE-2021-21239 Table of […]