Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-pymatgen — regular expression denial of service Related CVEs: CVE-2022-42964 Upstream summary: An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the pymatgen PyPI package, when an […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: KeePassX — information disclosure Related CVEs: CVE-2015-8378 Upstream summary: Yves-Alexis Perez reports: Starting an export (using File / Export to / KeepassX XML file) and cancelling it leads to KeepassX […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-suds — vulnerable to symlink attacks Related CVEs: CVE-2013-2217 Upstream summary: SUSE reports: cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Pillow — Multiple vulnerabilities Related CVEs: CVE-2019-16865 CVE-2019-19911 CVE-2020-5310 CVE-2020-5311 CVE-2020-5312 CVE-2020-5313 Upstream summary: Pillow developers report: This release addresses several security problems, as well as addressing CVE-2019-19911. CVE-2019-19911 is […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: sam2p — multiple issues Related CVEs: CVE-2017-14628 CVE-2017-14629 CVE-2017-14630 CVE-2017-14631 CVE-2017-14636 CVE-2017-14637 Upstream summary: sam2p developers report: In sam2p 0.49.3, a heap-based buffer overflow exists in the pcxLoadImage24 function of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mod_jk — information disclosure Related CVEs: CVE-2014-8111 Upstream summary: NIST reports: Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: re2c — uncontrolled recursion Related CVEs: CVE-2018-21232 Upstream summary: re2c reports: re2c before 2.0 has uncontrolled recursion that causes stack consumption in find_fixed_tags. Table of contents Symptom & Impact Environment […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: sympa — Inappropriate use of the cookie parameter can be a security threat. This parameter may also not provide sufficient security. Related CVEs: CVE-2005-0073 CVE-2012-2352 CVE-2015-1306 CVE-2020-29668 CVE-2020-9369 Upstream summary: […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Vaultwarden — Multiple vulnerabilities Related CVEs: CVE-2024-39924 CVE-2024-39925 CVE-2024-39926 CVE-2025-24364 CVE-2025-24365 Upstream summary: The Vaultwarden project reports: GHSA-937x-3j8m-7w7p Unconfirmed Owner Can Purge Entire Organization Vault. GHSA-569v-845w-g82p Cross-Org Group Binding Enables […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: dcraw — integer overflow condition Related CVEs: CVE-2015-3885 Upstream summary: ocert reports: The dcraw tool, as well as several other projects re-using its code, suffers from an integer overflow condition […]