Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: surf — private information disclosure Related CVEs: CVE-2012-0842 Upstream summary: surf does not protect its cookie jar against access read access from other local users Table of contents Symptom & […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tt-rss — multiple vulnerabilities Related CVEs: CVE-2016-10033 CVE-2016-10045 CVE-2016-6175 CVE-2017-5223 CVE-2020-25787 CVE-2020-25788 CVE-2020-25789 Upstream summary: tt-rss project reports: The cached_url feature mishandles JavaScript inside an SVG document. imgproxy in plugins/af_proxy_http/init.php […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-Flask-Cors — directory traversal vulnerability Related CVEs: CVE-2020-25032 Upstream summary: praetorian-colby-morgan reports: An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: GnuPG and Libgcrypt — side-channel attack vulnerability Related CVEs: CVE-2013-4242 Upstream summary: Werner Koch of the GNU project reports: Noteworthy changes in version 1.5.3: Mitigate the Yarom/Falkner flush+reload side-channel attack […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-django-photologue — XSS vulnerability Related CVEs: CVE-2022-4526 Upstream summary: domiee13 reports: A vulnerability was found in django-photologue up to 3.15.1 and classified as problematic. Affected by this issue is some […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: nss-pam-ldapd — file descriptor buffer overflow Related CVEs: CVE-2013-0288 Upstream summary: Garth Mollett reports: A file descriptor overflow issue in the use of FD_SET() in nss-pam-ldapd can lead to a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: cloud-init — sensitive data exposure in cloud-init logs Related CVEs: CVE-2023-1786 Upstream summary: [email protected] reports: Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-beaker — arbitrary code execution vulnerability Related CVEs: CVE-2013-7489 Upstream summary: matheusbrat reports: The Beaker library through 1.12.1 for Python is affected by deserialization of untrusted data, which could lead […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: twiki — remote Perl code execution Related CVEs: CVE-2004-1037 CVE-2006-3336 CVE-2008-3195 CVE-2008-5304 CVE-2008-5305 CVE-2014-7236 Upstream summary: TWiki developers report: The debugenableplugins request parameter allows arbitrary Perl code execution. Using an […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: dbus-glib — privledge escalation Related CVEs: CVE-2013-0292 Upstream summary: Sebastian Krahmer reports: A privilege escalation flaw was found in the way dbus-glib, the D-Bus add-on library to integrate the standard […]