Security Hardening

FreeBSD 13 — apache-struts — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 13 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: Apache Commons FileUpload — denial of service (DoS) vulnerability
Related CVEs: CVE-2016-3092
Upstream summary: Mark Thomas reports: CVE-2016-3092 is a denial of service vulnerability that has been corrected in the […]

FreeBSD 15 — py314-pdfminer.six — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 15 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: py-pdfminer.six — Arbitrary Code Execution in pdfminer.six via Crafted PDF Input
Related CVEs: CVE-2025-64512
Upstream summary: Pieter Marsman reports: pdfminer.six will execute arbitrary code from a malicious pickle file if […]

FreeBSD 14 — finch — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

🟡 Medium • ⏱ 10–30 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 14 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: pidgin — MSN overflow parsing SLP messages
Related CVEs: CVE-2009-1373, CVE-2009-1374, CVE-2009-1375, CVE-2009-1376, CVE-2009-2694
Upstream summary: Secunia reports: A vulnerability has been reported in Pidgin, which can be exploited by […]

FreeBSD 13 — xdelta — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 13 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: xdelta3 — buffer overflow vulnerability
Related CVEs: CVE-2014-9765
Upstream summary: Stepan Golosunov reports: Buffer overflow was found and fixed in xdelta3 binary diff tool that allows arbitrary code execution from […]

FreeBSD 15 — p5-Crypt-CBC — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 15 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: p5-Crypt-CBC — Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Related CVEs: CVE-2025-2814
Upstream summary: Lib-Crypt-CBC project reports: Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand() […]

FreeBSD 14 — php5-xsl — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

🟡 Medium • ⏱ 10–30 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 14 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: php — multiple vulnerabilities
Related CVEs: CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, CVE-2015-6838
Upstream summary: PHP reports: Core: Fixed bug #70172 (Use After Free Vulnerability in unserialize()). Fixed bug #70219 (Use after […]

FreeBSD 13 — py27-pygments — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 13 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: pygments — shell injection vulnerability
Related CVEs: CVE-2015-8557
Upstream summary: NVD reports: The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via […]

FreeBSD 14 — haproxy — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

🟡 Medium • ⏱ 10–30 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 14 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: HAproxy — serious vulnerability affecting the HPACK decoder used for HTTP/2
Related CVEs: CVE-2012-2391, CVE-2015-3281, CVE-2016-5360, CVE-2020-11100
Upstream summary: The HAproxy Project reports: The main driver for this release is […]

FreeBSD 13 — libosip — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 13

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 13 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: osip — Improper Restriction of Operations within the Bounds of a Memory Buffer
Related CVEs: CVE-2017-7853
Upstream summary: osip developers report: In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a […]

FreeBSD 15 — ocaml-opam — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 15

🟢 Low • ⏱ 5–15 min • Last verified: 25 May 2026 • Affected versions: FreeBSD 15 • 📖 ~4 min read
Source: FreeBSD VuXML
VuXML topic: devel/ocaml-opam — CWE-24 Path Traversal: '../filedir'
Related CVEs: CVE-2026-41082
Upstream summary: https://github.com/ocaml/opam/releases/tag/2.5.1 reports: In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach […]
