Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-markdown2 — regular expression denial of service vulnerability Related CVEs: CVE-2020-11888 CVE-2021-26813 Upstream summary: Ben Caller reports: markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: enscript — arbitrary code execution vulnerability Related CVEs: CVE-2004-1184 CVE-2004-1185 CVE-2004-1186 CVE-2008-3863 CVE-2008-4306 Upstream summary: Ulf Harnhammar of Secunia Research reports: Stack-based buffer overflow in the read_special_escape function in src/psgen.c […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-cryptography — includes a vulnerable copy of OpenSSL Related CVEs: CVE-2023-0286 CVE-2023-23931 Upstream summary: pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Wagtail — XSS vulnerability Related CVEs: CVE-2020-11001 CVE-2020-11037 CVE-2020-15118 Upstream summary: GitHub Advisory Database: When a form page type is made available to Wagtail editors through the wagtail.contrib.forms app, and […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: node, iojs, and v8 — denial of service Related CVEs: CVE-2011-4815 CVE-2011-4838 CVE-2011-5036 CVE-2011-5037 CVE-2015-5380 Upstream summary: node reports: This release of Node.js fixes a bug that triggers an out-of-band […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: poweradmin — multiple XSS vulnerabilities Upstream summary: Multiple cross-site scripting (XSS) vulnerabilities Multiple scripts are vulnerable to XSS attacks. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libsrtp — DoS via crafted RTP header vulnerability Related CVEs: CVE-2015-6360 Upstream summary: libsrtp reports: Prevent potential DoS attack due to lack of bounds checking on RTP header CSRC count […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: net/eternalterminal — Multiple vulnerabilities Related CVEs: CVE-2022-48257 CVE-2022-48258 Upstream summary: Mitre reports: etserver and etclient have predictable logfile names in /tmp and they are world-readable logfiles Table of contents Symptom […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-cinder — unauthorized data access Related CVEs: CVE-2014-3641 CVE-2022-47951 Upstream summary: Utkarsh Gupta reports: An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: SQLite < 3.50.3 — CWE-190 Integer Overflow or Wraparound in FTS5 module Related CVEs: CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2016-6153 CVE-2017-10989 CVE-2018-8740 CVE-2019-5018 CVE-2020-11655  +12 more Upstream summary: https://github.com/google/security-research/security/advisories/GHSA-v2c8-vqqp-hv3g reports: An integer […]