Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xfs — multiple vulnerabilities Related CVEs: CVE-2007-4568 Upstream summary: Matthieu Herrb reports: Problem Description: Several vulnerabilities have been identified in xfs, the X font server. The QueryXBitmaps and QueryXExtents protocol […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Template::Toolkit — Directory traversal on write Related CVEs: CVE-2019-19781 Upstream summary: Art Manion and Will Dormann report: By using an older and less-secure form of open(), it is possible for […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: gnutls — multiple certificate verification issues Related CVEs: CVE-2006-4790 CVE-2009-1415 CVE-2009-1416 CVE-2009-1417 CVE-2009-2730 CVE-2012-1569 CVE-2012-1573 CVE-2014-0092  +1 more Upstream summary: GnuTLS project reports: A vulnerability was discovered that affects the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Ansible — Ansible user credentials disclosure in ansible-connection module Related CVEs: CVE-2021-3620 Upstream summary: Red Hat reports: A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: spamassassin — Malicious rule configuration (.cf) files can be configured to run system commands Related CVEs: CVE-2016-1238 CVE-2017-15705 CVE-2018-11780 CVE-2018-11781 CVE-2018-11805 CVE-2019-12420 CVE-2020-1930 CVE-2020-1931  +1 more Upstream summary: The Apache […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mksh — TTY attachment privilege escalation Related CVEs: CVE-2008-1845 Upstream summary: Secunia reports: The vulnerability is caused due to an error when attaching to a TTY via the -T command […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: aiohttp — open redirect vulnerability Related CVEs: CVE-2021-21330 Upstream summary: Sviatoslav Sydorenko reports: Open redirect vulnerability — a maliciously crafted link to an aiohttp-based web-server could redirect the browser to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tor — security regression Related CVEs: CVE-2009-0414 CVE-2009-0936 CVE-2009-0937 CVE-2009-0938 CVE-2010-1676 CVE-2011-0427 CVE-2014-5117 CVE-2017-0377 Upstream summary: The Tor Project reports: Tor 0.3.0.9 fixes a path selection bug that would allow […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: isc-dhcp-client — Stack overflow vulnerability Related CVEs: CVE-2009-0692 Upstream summary: US-CERT reports: The ISC DHCP dhclient application contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ipython — Execution with Unnecessary Privileges Related CVEs: CVE-2022-21699 Upstream summary: IPython project reports: IPython 8.0.1, 7.31.1 and 5.11 are security releases that change some default values in order to […]