Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mod_fcgid — possible heap buffer overwrite Related CVEs: CVE-2013-4365 Upstream summary: Apache Project reports: Fix possible heap buffer overwrite. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: MariaDB — Multiple vulnerabilities Related CVEs: CVE-2025-21490 CVE-2026-44168 CVE-2026-44169 CVE-2026-44170 CVE-2026-44171 CVE-2026-44172 CVE-2026-44173 Upstream summary: The MariaDB project reports: See linked CVE's for details. Table of contents Symptom & Impact […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rubygem-dragonfly — arbitrary code execution Related CVEs: CVE-2013-1756 Upstream summary: Mark Evans reports: Unfortnately there is a security vulnerability in Dragonfly when used with Rails which would potentially allow an […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-dparse — REDoS vulnerability Related CVEs: CVE-2022-39280 Upstream summary: yeisonvargasf reports: dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contain a regular expression that is […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Ruby — Denial of Service and Unsafe Object Creation Vulnerability in JSON Related CVEs: CVE-2013-0269 Upstream summary: Aaron Patterson reports: When parsing certain JSON documents, the JSON gem can be […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: vim — arbitrary command execution Related CVEs: CVE-2004-1138 CVE-2005-2368 CVE-2007-2953 CVE-2008-2712 CVE-2008-3076 CVE-2016-1248 Upstream summary: Mitre reports: vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: LZO — potential buffer overrun when processing malicious input data Related CVEs: CVE-2014-4608 Upstream summary: Markus Franz Xaver Johannes Oberhumer reports, in the package's NEWS file: Fixed a potential integer […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-kerberos — DoS and MitM vulnerabilities Related CVEs: CVE-2015-3206 Upstream summary: macosforgebot reports: The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: bzip2 — multiple issues Related CVEs: CVE-2005-0953 CVE-2005-1260 CVE-2008-1372 CVE-2010-0405 CVE-2016-3189 CVE-2019-12900 Upstream summary: bzip2 developers reports: CVE-2016-3189 – Fix use-after-free in bzip2recover (Jakub Martisko) CVE-2019-12900 – Detect out-of-range nSelectors […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: icecast — Cross-Site Scripting Vulnerability Related CVEs: CVE-2001-0784 CVE-2001-1083 CVE-2001-1229 CVE-2001-1230 CVE-2002-0177 CVE-2004-0781 Upstream summary: Caused by improper filtering of HTML code in the status display, it is possible for […]