Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: unzoo — Directory Traversal Vulnerability Upstream summary: Secunia reports: Doubles has discovered a vulnerability in Unzoo, which potentially can be exploited by malicious people to compromise a user's system. The […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-setuptools — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Related CVEs: CVE-2025-47273 Upstream summary: https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf reports: setuptools is a package that allows users to download, build, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: MySQL — Multiple vulnerabilities Upstream summary: Oracle reports: 36 new security patches for Oracle MySQL. 11 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pglogical — shell command injection in pglogical.create_subscription() Related CVEs: CVE-2021-3515 Upstream summary: 2ndQuadrant reports: Fix pg_dump/pg_restore execution (CVE-2021-3515) Correctly escape the connection string for both pg_dump and pg_restore so that […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ledger — multiple vulnerabilities Related CVEs: CVE-2017-2807 CVE-2017-2808 Upstream summary: Talos reports: An exploitable buffer overflow vulnerability exists in the tag parsing functionality of Ledger-CLI 3.1.1. A specially crafted journal […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mutt — Remote Buffer Overflow Vulnerability Upstream summary: SecurityFocus reports: Mutt is prone to a remote buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: aiohttp — open redirect vulnerability Related CVEs: CVE-2021-21330 Upstream summary: Sviatoslav Sydorenko reports: Open redirect vulnerability — a maliciously crafted link to an aiohttp-based web-server could redirect the browser to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libpurple/pidgin — multiple vulnerabilities Related CVEs: CVE-2009-1373 CVE-2009-1374 CVE-2009-1375 CVE-2009-1376 CVE-2009-2694 CVE-2010-0277 CVE-2010-0420 CVE-2010-0423  +5 more Upstream summary: The pidgin development team reports: . Table of contents Symptom & Impact […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: sge — local root exploit in bundled rsh executable Upstream summary: Sun Microsystems reports: The SGE 6.0u7_1 release fixes a security bug which can allow malicious users to gain root […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ark — extraction outside of extraction directory Related CVEs: CVE-2020-16116 CVE-2020-24654 Upstream summary: Albert Astals Cid reports: Overview A maliciously crafted TAR archive containing symlink entries would install files anywhere […]