Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-treq — sensitive information leak vulnerability Related CVEs: CVE-2022-23607 Upstream summary: Treq's request methods (`treq.get`, `treq.post`, `HTTPClient.request`, `HTTPClient.get`, etc.) accept cookies as a dictionary. Such cookies are not bound to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: zabbix — shell command injection vulnerability Related CVEs: CVE-2013-6824 Upstream summary: Recurity Labs Team project reports: Zabbix agent is vulnerable to remote command execution from the Zabbix server in some […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2015-5589 CVE-2015-5590 CVE-2015-6831 CVE-2015-6832 CVE-2015-6833 CVE-2015-7803 CVE-2015-7804 Upstream summary: PHP reports: Phar: Fixed bug #69720 (Null pointer dereference in phar_get_fp_offset()). Fixed bug #70433 (Uninitialized […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-Flask-Cors — directory traversal vulnerability Related CVEs: CVE-2020-25032 Upstream summary: praetorian-colby-morgan reports: An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: OpenEXR — multiple remote code execution and denial of service vulnerabilities Related CVEs: CVE-2017-9110 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116 Upstream summary: Brandon Perry reports: [There] is a zip file […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-dparse — REDoS vulnerability Related CVEs: CVE-2022-39280 Upstream summary: yeisonvargasf reports: dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contain a regular expression that is […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rssh – multiple vulnerabilities Related CVEs: CVE-2004-0609 CVE-2005-3345 CVE-2012-3478 CVE-2019-1000018 CVE-2019-3463 CVE-2019-3464 Upstream summary: NVD reports: rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: kwebkitpart, kde-runtime — insufficient input validation Related CVEs: CVE-2014-8600 Upstream summary: Albert Aastals Cid reports: kwebkitpart and the bookmarks:// io slave were not sanitizing input correctly allowing to some javascript […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-beaker — arbitrary code execution vulnerability Related CVEs: CVE-2013-7489 Upstream summary: matheusbrat reports: The Beaker library through 1.12.1 for Python is affected by deserialization of untrusted data, which could lead […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mpg123 — buffer overflow vulnerability Related CVEs: CVE-2003-0577 CVE-2003-0865 CVE-2004-0805 CVE-2004-0982 CVE-2004-0991 CVE-2004-1284 Upstream summary: Yuri D'Elia has found a buffer overflow vulnerability in mpg123's parsing of frame headers in […]