Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libcdaudio — remote buffer overflow and code execution Related CVEs: CVE-2005-0706 CVE-2008-5030 Upstream summary: securityfocus reports: The 'libcdaudio' library is prone to a remote heap code in the context of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libaudiofile — heap-based overflow in Microsoft ADPCM compression module Related CVEs: CVE-2014-0159 Upstream summary: Debian reports: Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ChaSen — buffer overflow Related CVEs: CVE-2011-4000 Upstream summary: JVN iPedia reports: ChaSen provided by Nara Institute of Science and Technology is a software for morphologically analyzing Japanese. ChaSen contains […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: GNU binutils — multiple vulnerabilities Related CVEs: CVE-2014-8501 CVE-2014-8502 CVE-2014-8503 Upstream summary: US-CERT/NIST reports: The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: GNU binutils — multiple vulnerabilities Related CVEs: CVE-2014-8501 CVE-2014-8502 CVE-2014-8503 Upstream summary: US-CERT/NIST reports: The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-pymatgen — regular expression denial of service Related CVEs: CVE-2022-42964 Upstream summary: An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bash — remote code execution Related CVEs: CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 Upstream summary: Note that this is different than the public "Shellshock" issue. Specially crafted environment variables could […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lcms2 — Integer overflow Related CVEs: CVE-2013-4160 CVE-2026-41254 Upstream summary: https://github.com/mm2/Little-CMS/commit/da6110b1d14abc394633a388209abd5ebedd7ab0 reports: Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: oniguruma — multiple vulnerabilities Related CVEs: CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 Upstream summary: the PHP project reports: A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lighttpd – use-after-free vulnerabilities Related CVEs: CVE-2005-0453 CVE-2007-1869 CVE-2007-1870 CVE-2007-3947 CVE-2007-3948 CVE-2007-3949 CVE-2007-3950 CVE-2007-4727  +11 more Upstream summary: Lighttpd Project reports: Security fixes for Lighttpd: security: process headers after combining […]