2026 - Page 2642 of 7467

Debian 12 — linux-ftpd-ssl — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — linux-ftpd-ssl — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-3524 CVE-2007-6263 CVE-2008-4247 Upstream summary: Buffer overflow in the SSL-ready version of linux-ftpd (linux-ftpd-ssl) 0.17 allows remote attackers to execute arbitrary code by creating a long directory name, […]

Read more
Debian 12 — libjgraphx-java — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libjgraphx-java — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-18197 Upstream summary: In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert() is missing flags to prevent XML External Entity (XXE) attacks, as demonstrated by /ServerView. […]

Read more
Debian 13 — node-ua-parser-js — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — node-ua-parser-js — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-7793 CVE-2021-27292 CVE-2022-25927 Upstream summary: The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info). […]

Read more
Debian 12 — dav1d — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — dav1d — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-32570 CVE-2024-1580 Upstream summary: VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit. Table of contents Symptom & […]

Read more
Debian 13 — lookup-el — vulnerability — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — lookup-el — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2007-0237 Upstream summary: The ndeb-binary feature in Lookup (lookup-el) allows local users to overwrite arbitrary files via a symlink attack on temporary files. Table of contents Symptom & […]

Read more
Debian 13 — apr — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — apr — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-2412 CVE-2011-0419 CVE-2011-1928 CVE-2012-0840 CVE-2017-12613 CVE-2021-35940 CVE-2022-24963 CVE-2023-49582 Upstream summary: Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) […]

Read more
Debian 13 — node-chart.js — vulnerability — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — node-chart.js — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-7746 Upstream summary: This affects the package chart.js before 2.9.4. The options parameter is not properly sanitized when it is processed. When the options are processed, the existing options […]

Read more
Debian 11 — libcgi-application-perl — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — libcgi-application-perl — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-7329 Upstream summary: The CGI::Application module before 4.50_50 and 4.50_51 for Perl, when run modes are not specified, allows remote attackers to obtain sensitive information (web queries and […]

Read more
Debian 11 — configobj — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — configobj — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-26112 Upstream summary: All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)\((.*)\). **Note:** This is only […]

Read more
Debian 11 — erlang — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — erlang — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-0130 CVE-2011-0766 CVE-2011-3389 CVE-2014-1693 CVE-2014-3566 CVE-2015-2774 CVE-2016-1000107 CVE-2016-10253  +12 more Upstream summary: lib/crypto/c_src/crypto_drv.c in erlang does not properly check the return value from the OpenSSL DSA_do_verify function, which […]

Read more
CHAT