Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: diffoscope — arbitrary file write Related CVEs: CVE-2017-0359 Upstream summary: Ximin Luo reports: [v67] introduced a security hole where diffoscope may write to arbitrary locations on disk depending on the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: cups-base — HPGL buffer overflow vulnerability Related CVEs: CVE-2004-1267 Upstream summary: Ariel Berkman has discovered a buffer overflow vulnerability in CUPS's HPGL input driver. This vulnerability could be exploited to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-cryptography — tag forgery vulnerability Related CVEs: CVE-2018-10903 Upstream summary: The Python Cryptographic Authority (PyCA) project reports: finalize_with_tag() allowed tag truncation by default which can allow tag forgery in some […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: wordpress — multiple vulnerabilities Related CVEs: CVE-2007-4894 CVE-2007-5710 CVE-2008-4107 CVE-2008-5278 CVE-2014-9033 CVE-2014-9034 CVE-2014-9035 CVE-2014-9036  +3 more Upstream summary: MITRE reports: wp-login.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: p7zip-codec-rar — insufficient error handling Related CVEs: CVE-2018-5996 Upstream summary: MITRE reports: Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: NSS — multiple vulnerabilities Related CVEs: CVE-2009-3555 CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0179  +3 more Upstream summary: Mozilla Foundation reports: An out-of-bounds write during Base64 decoding operation in the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: slixmpp — improper access control Related CVEs: CVE-2019-1000021 Upstream summary: NVD reports: slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab4d316416 contains an incorrect Access Control vulnerability in XEP-0223 plugin (Persistent Storage of Private […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: sendmail — race condition vulnerability Related CVEs: CVE-2006-0058 Upstream summary: Problem Description A race condition has been reported to exist in the handling by sendmail of asynchronous signals. Impact A […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Pillow — Multiple vulnerabilities Related CVEs: CVE-2016-0740 CVE-2016-0775 CVE-2016-9189 CVE-2016-9190 CVE-2019-16865 CVE-2019-19911 CVE-2020-5310 CVE-2020-5311  +2 more Upstream summary: Pillow developers report: This release addresses several security problems, as well as […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: websocket-extensions — ReDoS vulnerability Related CVEs: CVE-2020-7663 Upstream summary: Changelog: Remove a ReDoS vulnerability in the header parser (CVE-2020-7663) Table of contents Symptom & Impact Environment & Reproduction Root Cause […]