Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mcweject — exploitable buffer overflow Related CVEs: CVE-2007-1719 Upstream summary: CVE reports: Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, and possibly other versions, allows local […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mgetty+sendfax — symlink attack via insecure temporary files Related CVEs: CVE-2008-4936 Upstream summary: Debian reports: Faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: swfdec — exposure of sensitive information Related CVEs: CVE-2008-1834 Upstream summary: Secunia reports: A vulnerability has been reported in swfdec, which can be exploited by malicious people to disclose sensitive […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Django — multiple vulnerabilities Related CVEs: CVE-2022-28346 CVE-2022-28347 CVE-2022-34265 CVE-2022-36359 CVE-2022-41323 CVE-2023-23969 CVE-2023-24580 CVE-2023-31047  +12 more Upstream summary: Django reports: CVE-2025-59681: Potential SQL injection in QuerySet.annotate(), alias(), aggregate(), and extra() […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: freerdp — clients using the `/video` command line switch might read uninitialized data Related CVEs: CVE-2020-11017 CVE-2020-11018 CVE-2020-11019 CVE-2020-11038 CVE-2020-11039 CVE-2020-11040 CVE-2020-11041 CVE-2020-11043  +12 more Upstream summary: MITRE reports: All […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: drupal6-cck — cross-site scripting Related CVEs: CVE-2009-1069 Upstream summary: Drupal CCK plugin developer reports: The Node reference and User reference sub-modules, which are part of the Content Construction Kit (CCK) […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xterm — DECRQSS remote command execution vulnerability Related CVEs: CVE-2008-2383 Upstream summary: SecurityFocus reports: The xterm program is prone to a remote command-execution vulnerability because it fails to sufficiently validate […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: SQLite < 3.50.3 — CWE-190 Integer Overflow or Wraparound in FTS5 module Related CVEs: CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2016-6153 CVE-2017-10989 CVE-2018-8740 CVE-2019-5018 CVE-2020-11655  +12 more Upstream summary: https://github.com/google/security-research/security/advisories/GHSA-v2c8-vqqp-hv3g reports: An integer […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mysql — denial of service vulnerability Related CVEs: CVE-2015-4792 CVE-2015-4802 CVE-2015-4807 CVE-2015-4815 CVE-2015-4826 CVE-2015-4830 CVE-2015-4836 CVE-2015-4858  +12 more Upstream summary: Openwall reports: C client library for MySQL (libmysqlclient.so) has use-after-free […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PostgresSQL — TYPE in pg_temp execute arbitrary SQL during `SECURITY DEFINER` execution Related CVEs: CVE-2016-0766 CVE-2016-0773 CVE-2016-2193 CVE-2016-3065 CVE-2016-5423 CVE-2016-5424 CVE-2017-15098 CVE-2017-15099  +12 more Upstream summary: The PostgreSQL project reports: […]