Security Hardening

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: slurm-wlm — Several security issues Related CVEs: CVE-2018-7033 CVE-2023-49933 CVE-2023-49934 CVE-2023-49935 CVE-2023-49936 CVE-2023-49937 CVE-2023-49938 Upstream summary: Slurm releases notes: Description CVE-2023-49933 through CVE-2023-49938 Slurm versions 23.11.1, 23.02.7, 22.05.11 are now […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-flask-caching — remote code execution or local privilege escalation vulnerabilities Related CVEs: CVE-2021-33026 Upstream summary: subnix reports: The Flask-Caching extension through 2.0.2 for Flask relies on Pickle for serialization, which […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mbed TLS (PolarSSL) — multiple vulnerabilities Related CVEs: CVE-2013-4623 CVE-2013-5915 CVE-2015-1182 CVE-2015-5291 CVE-2018-0487 CVE-2018-0488 Upstream summary: Simon Butcher reports: Defend against Bellcore glitch attacks by verifying the results of RSA […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Ruby Activemodel Gem — Circumvention of attr_protected Related CVEs: CVE-2013-0276 Upstream summary: Aaron Patterson reports: The attr_protected method allows developers to specify a blacklist of model attributes which users should […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Vim/NeoVim — Security vulnerability Related CVEs: CVE-2004-1138 CVE-2005-2368 CVE-2007-2953 CVE-2008-2712 CVE-2008-3076 CVE-2016-1248 Upstream summary: Security releases for Vim/NeoVim: Sandbox escape allows for arbitrary code execution. Table of contents Symptom & […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: serf — SSL Certificate Null Byte Poisoning Related CVEs: CVE-2014-3504 Upstream summary: serf Development list reports: Serf provides APIs to retrieve information about a certificate. These APIs return the information […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-psutil — double free vulnerability Related CVEs: CVE-2019-18874 Upstream summary: ret2libc reports: psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PHP Composer — Multiple vulnerabilities Related CVEs: CVE-2023-43655 CVE-2024-24821 CVE-2024-35241 CVE-2024-35242 CVE-2026-40176 CVE-2026-40261 Upstream summary: Composer project reports: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261) Fixed command […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mail/trojita — may leak mail contents (not user credentials) over unencrypted connection Related CVEs: CVE-2014-2567 Upstream summary: Jan Kundrát reports: An SSL stripping vulnerability was discovered in Trojitá, a fast […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-nicotine-plus — Denial of service vulnerability Related CVEs: CVE-2021-45848 Upstream summary: ztauras reports: Denial of service (DoS) vulnerability in Nicotine+ starting with version 3.0.3 and prior to version 3.2.1 allows […]