Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: viewvc — Arbitrary server filesystem content Related CVEs: CVE-2025-54141 Upstream summary: cmpilato reports: The ViewVC standalone web server (standalone.py) is a script provided in the ViewVC distribution for the purposes […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rubygem-doorkeeper — token revocation vulnerability Related CVEs: CVE-2018-1000211 Upstream summary: NVD reports: Doorkeeper version 4.2.0 and later contains a Incorrect Access Control vulnerability in Token revocation API's authorized method that […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: SOGo — SAML user authentication impersonation Related CVEs: CVE-2021-33054 Upstream summary: sogo.nu reports: SOGo was not validating the signatures of any SAML assertions it received. This means any actor with […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Slixmpp — Lack of SSL Certificate hostname validation in XMLStream Related CVEs: CVE-2022-45197 Upstream summary: NIST reports: Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-setuptools — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Related CVEs: CVE-2025-47273 Upstream summary: https://github.com/pypa/setuptools/security/advisories/GHSA-5rjg-fvgr-3xxf reports: setuptools is a package that allows users to download, build, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mod_access_referer — null pointer dereference vulnerability Related CVEs: CVE-2003-1054 Upstream summary: A malformed Referer header field causes the Apache ap_parse_uri_components function to discard it with the result that a pointer […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: postgresql-contrib — insecure temporary file creation Related CVEs: CVE-2004-0977 Upstream summary: The make_oidjoins_check script in the PostgreSQL RDBMS has insecure handling of temporary files, which could lead to an attacker […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: apache — heap overflow in mod_proxy Related CVEs: CVE-2004-0492 Upstream summary: A buffer overflow exists in mod_proxy which may allow an attacker to launch local DoS attacks and possibly execute […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: oftpd denial-of-service vulnerability (PORT command) Related CVEs: CVE-2004-0376 Upstream summary: Philippe Oechslin reported a denial-of-service vulnerability in oftpd. The oftpd server can be crashed by sending a PORT command containing […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: openssl — potential SSL 2.0 rollback Related CVEs: CVE-2005-2969 Upstream summary: Vulnerability: Such applications are affected if they use the option SSL_OP_MSIE_SSLV2_RSA_PADDING. This option is implied by use of SSL_OP_ALL, […]