Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pycrypto — PRNG reseed race condition Related CVEs: CVE-2013-1445 Upstream summary: Dwayne Litzenberger reports: In PyCrypto before v2.6.1, the Crypto.Random pseudo-random number generator (PRNG) exhibits a race condition that may […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: RubyGems — multiple vulnerabilities Related CVEs: CVE-2017-0903 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 Upstream summary: RubyGems Security Advisories: CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-flask-caching — remote code execution or local privilege escalation vulnerabilities Related CVEs: CVE-2021-33026 Upstream summary: subnix reports: The Flask-Caching extension through 2.0.2 for Flask relies on Pickle for serialization, which […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Sane — Multiple Vulnerabilities Related CVEs: CVE-2020-12861 CVE-2020-12862 CVE-2020-12863 CVE-2020-12864 CVE-2020-12865 CVE-2020-12866 CVE-2020-12867 Upstream summary: The Sane Project reports: epson2: fixes CVE-2020-12867 (GHSL-2020-075) and several memory management issues found while […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Ruby Activemodel Gem — Circumvention of attr_protected Related CVEs: CVE-2013-0276 Upstream summary: Aaron Patterson reports: The attr_protected method allows developers to specify a blacklist of model attributes which users should […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Related CVEs: CVE-2005-1992 CVE-2005-2337 CVE-2006-3694 CVE-2006-5467 CVE-2006-6303 CVE-2008-2726 Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: foreman-proxy SSL verification issue Related CVEs: CVE-2014-3691 Upstream summary: Foreman Security reports: The smart proxy when running in an SSL-secured mode permits incoming API calls to any endpoint without requiring, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-psutil — double free vulnerability Related CVEs: CVE-2019-18874 Upstream summary: ret2libc reports: psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PHP Composer — Multiple vulnerabilities Related CVEs: CVE-2023-43655 CVE-2024-24821 CVE-2024-35241 CVE-2024-35242 CVE-2026-40176 CVE-2026-40261 Upstream summary: Composer project reports: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261) Fixed command […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: LibYAML input sanitization errors Related CVEs: CVE-2014-2525 Upstream summary: oCERT reports: The LibYAML project is an open source YAML 1.1 parser and emitter written in C. The library is affected […]