Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mod_jk — information disclosure Related CVEs: CVE-2014-8111 Upstream summary: NIST reports: Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: net/krill — DoS vulnerability Related CVEs: CVE-2023-0158 Upstream summary: MITRE reports: NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web server at the "/rrdp" […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: plone — multiple vulnerabilities Related CVEs: CVE-2006-1711 CVE-2006-4249 CVE-2007-0240 CVE-2007-5741 CVE-2011-0720 Upstream summary: Plone.org reports: Versions Affected: All current Plone versions. Versions Not Affected: None. Nature of vulnerability: Allows creation […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Apache 1.3 — mod_proxy reverse proxy exposure Related CVEs: CVE-2004-0940 CVE-2005-2088 CVE-2005-3352 CVE-2006-3747 CVE-2011-3368 Upstream summary: Apache HTTP server project reports: An exposure was found when using mod_proxy in reverse […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bogofilter — heap corruption by invalid base64 input Related CVEs: CVE-2004-1007 CVE-2005-4591 CVE-2005-4592 CVE-2010-2494 CVE-2012-5468 Upstream summary: David Relson reports: Fix a heap corruption in base64 decoder on invalid input. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Configobj — Regular Expression Denial of Service attack Related CVEs: CVE-2023-26112 Upstream summary: [email protected] reports: All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: glibc — gethostbyname buffer overflow Related CVEs: CVE-2015-0235 Upstream summary: Robert Krátký reports: GHOST is a 'buffer overflow' bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-social-auth-app-django — Improper Handling of Case Sensitivity Related CVEs: CVE-2024-32879 Upstream summary: GitHub Advisory Database: Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: electron{22,24,25} — Heap buffer overflow in vp8 encoding in libvpx Related CVEs: CVE-2014-1578 CVE-2015-4485 CVE-2015-4486 CVE-2015-4506 CVE-2023-5217 Upstream summary: Electron developers report: This update fixes the following vulnerability: Security: backported […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: p5-XSLoader — local arbitrary code execution Related CVEs: CVE-2016-6185 Upstream summary: Jakub Wilk reports: XSLoader tries to load code from a subdirectory in the cwd when called inside a string […]