Common Problems

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-3417 Upstream summary: The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-7151 CVE-2025-67873 CVE-2025-68114 Upstream summary: Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a read memory access) in X86_insn_reg_intel in arch/X86/X86Mapping.c. Table of contents Symptom & Impact […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-3453 Upstream summary: logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files. Table of contents Symptom & […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-1849 CVE-2005-2096 Upstream summary: inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-41862 CVE-2023-2454 CVE-2023-2455 CVE-2023-39417 CVE-2023-39418 CVE-2023-5868 CVE-2023-5869 CVE-2023-5870  +12 more Upstream summary: In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-6129 CVE-2018-0739 CVE-2018-12437 CVE-2019-17362 Upstream summary: The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2011-1716 CVE-2013-4173 CVE-2015-1430 CVE-2016-2054 CVE-2016-2055 CVE-2016-2056 CVE-2016-2057 CVE-2016-2058  +8 more Upstream summary: Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Xymon before 4.3.1 allow remote attackers […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2026-7246 Upstream summary: Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit() function, allowing attackers to pass arbitrary OS commands from an unprivileged […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-2320 CVE-2012-2321 CVE-2012-2322 CVE-2012-6459 CVE-2017-12865 CVE-2021-26675 CVE-2021-26676 CVE-2021-33833  +8 more Upstream summary: ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-2966 CVE-2006-1550 CVE-2006-2453 CVE-2006-2480 CVE-2008-5984 CVE-2019-19451 Upstream summary: The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a […]