Security Hardening

FreeBSD 13 — dia-gnome — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 13 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: dia — XFig Import Plugin Buffer Overflow
Related CVEs: CVE-2006-1550
Upstream summary: Secunia reports: Some vulnerabilities have been reported in Dia, which potentially can be exploited by malicious people to […]

FreeBSD 14 — py27-pillow — multiple vulnerabilities (10 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

🟠 High • ⏱ 15–60 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 14 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: Pillow — Multiple vulnerabilities
Related CVEs: CVE-2016-0740 CVE-2016-0775 CVE-2016-9189 CVE-2016-9190 CVE-2019-16865 CVE-2019-19911 CVE-2020-5310 CVE-2020-5311 +2 more
Upstream summary: Pillow developers report: This release addresses several security problems, as well as […]

FreeBSD 15 — coturn — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 15 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: coturn — information leakage
Related CVEs: CVE-2020-4067
Upstream summary: Felix Dörre reports: The issue is that STUN/TURN response buffer is not initialized properly. (CWE 665) This is a leak of […]

FreeBSD 13 — tk — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 13 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: tcl/tk — buffer overflow in ReadImage function
Related CVEs: CVE-2007-5137
Upstream summary: A Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl/Tk, allows remote attackers to execute arbitrary code […]

FreeBSD 15 — opengrok — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 15 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: opengrok — Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise OpenGrok.
Related CVEs: CVE-2021-2322
Upstream summary: Bobby Rauch of Accenture reports: I ended up […]

FreeBSD 14 — nsd — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

🟡 Medium • ⏱ 10–30 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 14 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: Unbound/NSD — Denial of service vulnerability
Related CVEs: CVE-2009-1755 CVE-2012-2978 CVE-2012-2979 CVE-2016-6170 CVE-2016-6171 CVE-2016-6172 CVE-2016-6173 CVE-2019-13207 +1 more
Upstream summary: NLNetLabs reports: Unbound and NSD when writing the PID file […]

FreeBSD 15 — ha — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 15 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: ha — Directory traversals
Related CVEs: CVE-2015-1198
Upstream summary: Alexander Cherepanov reports: Version 0.999b and older of ha archiver is susceptible to directory traversal vulnerabilities via absolute and relative paths. […]

FreeBSD 14 — ilmbase — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

🟡 Medium • ⏱ 10–30 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 14 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: openexr, ilmbase — security fixes related to reading corrupted input files
Related CVEs: CVE-2018-18443 CVE-2018-18444 CVE-2021-20296 CVE-2021-3474 CVE-2021-3475 CVE-2021-3476 CVE-2021-3477 CVE-2021-3478 +1 more
Upstream summary: Cary Phillips reports: Patch release […]

FreeBSD 13 — ghostscript-gpl — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 13 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: ghostscript — zseticcspace() function buffer overflow vulnerability
Related CVEs: CVE-2008-0411
Upstream summary: Chris Evans from the Google Security Team reports: Severity: parsing of evil PostScript file will result in arbitrary […]

FreeBSD 15 — py39-yaml — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 15 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: PyYAML — arbitrary code execution
Related CVEs: CVE-2020-14343
Upstream summary: A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution […]
