Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: clamav — multiple vulnerabilities Related CVEs: CVE-2019-12625 CVE-2019-12900 Upstream summary: Micah Snyder reports: An out of bounds write was possible within ClamAV&s NSIS bzip2 library when attempting decompression in cases […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pyrad — multiple vulnerabilities Related CVEs: CVE-2013-0294 CVE-2013-0342 Upstream summary: Nathaniel McCallum reports: packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: pysaml2 — multiple vulnerabilities Related CVEs: CVE-2021-21238 CVE-2021-21239 Upstream summary: pysaml2 Releases: Fix processing of invalid SAML XML documents – CVE-2021-21238 Fix unspecified xmlsec1 key-type preference – CVE-2021-21239 Table of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-httpie — exposure of sensitive information vulnerabilities Related CVEs: CVE-2022-0430 CVE-2022-24737 Upstream summary: Glyph reports: HTTPie is a command-line HTTP client. HTTPie has the practical concept of sessions, which help […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: devel/viewvc-devel is vulnerable to cross-site scripting Related CVEs: CVE-2023-22456 CVE-2023-22464 Upstream summary: C. Michael Pilato reports: security fix: escape revision view copy paths (#311) [CVE-2023-22464] security fix: escape revision view […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: modsecurity3 — multiple vulnerabilities Related CVEs: CVE-2026-30923 CVE-2026-42268 Upstream summary: ModSecurity is an open source web application firewall engine. According to the upstream changelog, multiple vulnerabilities have been fixed. CVE-2026-42268: […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-strawberry-graphql — Multiple vulnerabilities Related CVEs: CVE-2026-35523 CVE-2026-35526 Upstream summary: The Strawberry GraphQL project reports: Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: kibana4 — XSS vulnerability Related CVEs: CVE-2015-8131 Upstream summary: Elastic reports: Fixes XSS vulnerability (CVE pending) – Thanks to Vladimir Ivanov for responsibly reporting. Table of contents Symptom & Impact […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: SnappyMail — multiple mXSS in HTML sanitizer Related CVEs: CVE-2024-45800 Upstream summary: Oskar reports: SnappyMail uses the `cleanHtml()` function to cleanup HTML and CSS in emails. Research discovered that the […]