Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rainloop — cross-site-scripting (XSS) vulnerability Related CVEs: CVE-2022-29360 Upstream summary: Simon Scannell reports: The code vulnerability can be easily exploited by an attacker by sending a malicious email to a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xine — multiple remote string vulnerabilities Related CVEs: CVE-2006-1905 Upstream summary: c0ntexb reports: There are 2 format string bugs in the latest version of Xine that could be exploited by […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-asyncssh — Allows bypass of authentication Upstream summary: mitre.org Reports: The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Fix a buffer overflow in the tiff reader Upstream summary: libvips reports: A buffer overflow was found and fixed in the libvips code Table of contents Symptom & Impact Environment […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: shadowsocks-libev — command injection via shell metacharacters Upstream summary: MITRE reports: Improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic. Table […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Helm — client unpacking chart that contains malicious content Upstream summary: Helm security notice A specially crafted chart may be able to unpack content into locations on the filesystem outside […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Several issues in Lynis Upstream summary: lynis update: This release resolves two security issues CVE-2020-13882 – Discovered by Sander Bos, code submission by Katarina Durechova CVE-2019-13033 – Discovered by Sander […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: nettle 3.7.2 — fix serious ECDSA signature verify bug Upstream summary: Niels Möller reports: I've prepared a new bug-fix release of Nettle, a low-level cryptographics library, to fix a serious […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: netdata — multiple vulnerabilities with streaming Upstream summary: Netdata reports: GHSA-xg38-3vmw-2978: Netdata Streaming Alert Command Injection GHSA-jx85-39cw-66f2: Netdata Streaming Authentication Bypass Table of contents Symptom & Impact Environment & Reproduction […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: OpenHAB CometVisu addon — Multiple vulnerabilities Upstream summary: OpenHAB reports: This patch release addresses the following security advisories: SSRF/XSS (CometVisu) – GHSA-v7gr-mqpj-wwh3 Sensitive information disclosure (CometVisu) – GHSA-3g4c-hjhr-73rj RCE through […]