Security Hardening

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: plone — multiple vulnerabilities Related CVEs: CVE-2006-1711 CVE-2006-4249 CVE-2007-0240 CVE-2007-5741 CVE-2011-0720 Upstream summary: Plone.org reports: Versions Affected: All current Plone versions. Versions Not Affected: None. Nature of vulnerability: Allows creation […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: dcraw — integer overflow condition Related CVEs: CVE-2015-3885 Upstream summary: ocert reports: The dcraw tool, as well as several other projects re-using its code, suffers from an integer overflow condition […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: gstreamer1-rtsp-server — Potential Denial-of-Service (DoS) with specially crafted client requests Related CVEs: CVE-2024-44331 Upstream summary: Qingpeng Du reports: A series of specially crafted client requests during streaming setup (post client […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: osc — shell command injection via crafted _service files Related CVEs: CVE-2015-0778 Upstream summary: SUSE Security Update reports: osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: plasma[56]-plasma-workspace — Unauthorized users can access session manager Related CVEs: CVE-2024-36041 Upstream summary: David Edmundson reports: KSmserver, KDE's XSMP manager, incorrectly allows connections via ICE based purely on the host, […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-wagtail — stored XSS vulnerability Related CVEs: CVE-2020-11001 CVE-2020-11037 CVE-2020-15118 CVE-2023-28836 CVE-2023-28837 Upstream summary: A stored cross-site scripting (XSS) vulnerability exists on ModelAdmin views within the Wagtail admin interface. A […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: eog — out-of-bounds write Related CVEs: CVE-2016-6855 Upstream summary: Felix Riemann reports: CVE-2016-6855 out-of-bounds write in eog 3.10.2. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: www/varnish-libvmod-digest — base64 decoding vulnerability Related CVEs: CVE-2023-41104 Upstream summary: varnish developers report: Common usage of vmod-digest is for basic HTTP authentication, in which case it may be possible for […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: iperf3 — buffer overflow Related CVEs: CVE-2016-4303 Upstream summary: ESnet reports: A malicious process can connect to an iperf3 server and, by sending a malformed message on the control channel, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: lightdm-kde-greeter — Privilege Escalation from lightdm Service User to root Related CVEs: CVE-2025-62876 Upstream summary: SUSE Security Team reports: A Execution with Unnecessary Privileges vulnerability in lightdm-kde-greeter allows escalation from […]