Security Hardening

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bogofilter — heap corruption by invalid base64 input Related CVEs: CVE-2004-1007 CVE-2005-4591 CVE-2005-4592 CVE-2010-2494 CVE-2012-5468 Upstream summary: David Relson reports: Fix a heap corruption in base64 decoder on invalid input. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Configobj — Regular Expression Denial of Service attack Related CVEs: CVE-2023-26112 Upstream summary: [email protected] reports: All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: glibc — gethostbyname buffer overflow Related CVEs: CVE-2015-0235 Upstream summary: Robert Krátký reports: GHOST is a 'buffer overflow' bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-social-auth-app-django — Improper Handling of Case Sensitivity Related CVEs: CVE-2024-32879 Upstream summary: GitHub Advisory Database: Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: electron{22,24,25} — Heap buffer overflow in vp8 encoding in libvpx Related CVEs: CVE-2014-1578 CVE-2015-4485 CVE-2015-4486 CVE-2015-4506 CVE-2023-5217 Upstream summary: Electron developers report: This update fixes the following vulnerability: Security: backported […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: p5-XSLoader — local arbitrary code execution Related CVEs: CVE-2016-6185 Upstream summary: Jakub Wilk reports: XSLoader tries to load code from a subdirectory in the cwd when called inside a string […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-pdfminer.six — Arbitrary Code Execution in pdfminer.six via Crafted PDF Input Related CVEs: CVE-2025-64512 Upstream summary: Pieter Marsman reports: pdfminer.six will execute arbitrary code from a malicious pickle file if […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2016-3074 Upstream summary: The PHP Group reports: BCMath: Fixed bug #72093 (bcpowmod accepts negative scale and corrupts _one_ definition). Exif: Fixed bug #72094 (Out […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-social-auth-app-django — Unsafe account association Related CVEs: CVE-2025-61783 Upstream summary: Michal Čihař reports: Upon authentication, the user could be associated by e-mail even if the associate_by_email pipeline was not included. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: palemoon — multiple vulnerabilities Related CVEs: CVE-2017-7832 CVE-2017-7835 CVE-2017-7840 CVE-2018-5102 CVE-2018-5122 Upstream summary: Pale Moon reports: CVE-2018-5102: Use-after-free in HTML media elements CVE-2018-5122: Potential integer overflow in DoCrypt Table of […]