Security Hardening

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: HAproxy — serious vulnerability affecting the HPACK decoder used for HTTP/2 Related CVEs: CVE-2012-2391 CVE-2015-3281 CVE-2016-5360 CVE-2020-11100 Upstream summary: The HAproxy Project reports: The main driver for this release is […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: security/openvpn-auth-ldap — Fix buffer overflow in challenge/response Related CVEs: CVE-2024-28820 Upstream summary: Graham Northup reports: A buffer overflow in extract_openvpn_cr allows attackers with a valid LDAP username and who can […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-ormar — vulnerabilities Related CVEs: CVE-2026-26198 CVE-2026-27953 Upstream summary: https://github.com/ormar-orm/ormar/security/advisories reports: SQL Injection in aggregate functions min() and max() Pydantic Validation Bypass via __pk_only__ and __excluded__ Kwargs Injection in Model […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: wget — multiple vulnerabilities Related CVEs: CVE-2004-1487 CVE-2004-1488 Upstream summary: Jan Minar reports that there exists multiple vulnerabilities in wget: Wget erroneously thinks that the current directory is a fair […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: postorius — XSS Related CVEs: CVE-2026-44742 Upstream summary: NIST reports: Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-ormar — vulnerabilities Related CVEs: CVE-2026-26198 CVE-2026-27953 Upstream summary: https://github.com/ormar-orm/ormar/security/advisories reports: SQL Injection in aggregate functions min() and max() Pydantic Validation Bypass via __pk_only__ and __excluded__ Kwargs Injection in Model […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: aacplusenc — denial of service Related CVEs: CVE-2017-14181 Upstream summary: Gentoo developers report: DeleteBitBuffer in libbitbuf/bitbuffer.c in mp4tools aacplusenc 0.17.5 allows remote attackers to cause a denial of service (invalid […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libtasn1 — Stack-based buffer overflow Related CVEs: CVE-2012-1569 CVE-2015-2806 CVE-2016-4008 CVE-2025-13151 Upstream summary: oss-security@ list reports: Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take […]