Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-psutil — double free vulnerability Related CVEs: CVE-2019-18874 Upstream summary: ret2libc reports: psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PHP Composer — Multiple vulnerabilities Related CVEs: CVE-2023-43655 CVE-2024-24821 CVE-2024-35241 CVE-2024-35242 CVE-2026-40176 CVE-2026-40261 Upstream summary: Composer project reports: Fixed command injection via malicious Perforce reference (GHSA-gqw4-4w2p-838q / CVE-2026-40261) Fixed command […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: LibYAML input sanitization errors Related CVEs: CVE-2014-2525 Upstream summary: oCERT reports: The LibYAML project is an open source YAML 1.1 parser and emitter written in C. The library is affected […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-nicotine-plus — Denial of service vulnerability Related CVEs: CVE-2021-45848 Upstream summary: ztauras reports: Denial of service (DoS) vulnerability in Nicotine+ starting with version 3.0.3 and prior to version 3.2.1 allows […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: zenphoto — multiple vulnerabilities Related CVEs: CVE-2007-6666 CVE-2015-5591 CVE-2015-5592 CVE-2015-5593 CVE-2015-5594 CVE-2015-5595 Upstream summary: zenphoto reports: Fixes several SQL Injection, XSS and path traversal security issues Table of contents Symptom […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Pillow — Multiple vulnerabilities Related CVEs: CVE-2019-16865 CVE-2019-19911 CVE-2020-5310 CVE-2020-5311 CVE-2020-5312 CVE-2020-5313 Upstream summary: Pillow developers report: This release addresses several security problems, as well as addressing CVE-2019-19911. CVE-2019-19911 is […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py39-sentry-sdk — sensitive cookies leak Related CVEs: CVE-2023-28117 Upstream summary: Tom Wolters reports: When using the Django integration of the Sentry SDK in a specific configuration it is possible to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-twisted — multiple vulnerabilities Related CVEs: CVE-2019-12387 CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 CVE-2020-10108 CVE-2020-10109 Upstream summary: Twisted developers reports: All HTTP clients in twisted.web.client now raise a ValueError when called with a […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: MariaDB — Multiple vulnerabilities Related CVEs: CVE-2026-44168 CVE-2026-44169 CVE-2026-44170 CVE-2026-44171 CVE-2026-44172 CVE-2026-44173 Upstream summary: The MariaDB project reports: See linked CVE's for details. Table of contents Symptom & Impact Environment […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: gstreamer1-plugins-ogg — Out-of-bounds write in Ogg demuxer Related CVEs: CVE-2024-47615 Upstream summary: The GStreamer Security Center reports: An out-of-bounds write in the Ogg demuxer that can cause crashes for certain […]