Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rubygem-ruby_parser — insecure tmp file usage Related CVEs: CVE-2013-0162 Upstream summary: Michael Scherer reports: This is a relatively minor tmp file usage issue. Table of contents Symptom & Impact Environment […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: qpress — directory traversal Related CVEs: CVE-2022-45866 Upstream summary: [email protected] reports: qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup and other products, allows directory traversal […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ghostscript — exploitable buffer overflow in (T)BCP in PS interpreter Related CVEs: CVE-2023-28879 Upstream summary: [email protected] reports: In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Emacs — Arbitrary code execution vulnerability Related CVEs: CVE-2022-45939 CVE-2022-48337 CVE-2022-48338 CVE-2022-48339 CVE-2024-53920 CVE-2025-1244 Upstream summary: Problem Description A shell injection vulnerability exists in GNU Emacs due to improper handling […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: OpenLDAP — incorrect handling of NULL in certificate Common Name Related CVEs: CVE-2009-3767 Upstream summary: Jan Lieskovsky reports: OpenLDAP does not properly handle a '\0' character in a domain name […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-kerberos — DoS and MitM vulnerabilities Related CVEs: CVE-2015-3206 Upstream summary: macosforgebot reports: The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Tomcat — Request Smuggling Related CVEs: CVE-2020-11996 CVE-2020-13934 CVE-2020-13935 CVE-2020-9484 CVE-2022-34305 CVE-2022-42252 Upstream summary: Apache Tomcat reports: If Tomcat was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: polkit — Local Privilege Escalation Related CVEs: CVE-2015-3218 CVE-2015-3255 CVE-2015-3256 CVE-2015-4625 CVE-2021-3560 CVE-2021-4034 Upstream summary: Qualys reports: We discovered a Local Privilege Escalation (from any user to root) in polkit's […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-impacket — multiple path traversal vulnerabilities Related CVEs: CVE-2021-31800 Upstream summary: asolino reports: Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. An attacker that connects to a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: shutter — arbitrary code execution Related CVEs: CVE-2015-0854 Upstream summary: Luke Farone reports: In the "Shutter" screenshot application, I discovered that using the "Show in folder" menu option while viewing […]