Common Problems

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-31317 CVE-2021-31321 CVE-2025-0634 CVE-2025-53074 CVE-2025-53075 Upstream summary: Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-12762 Upstream summary: json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. Table of contents Symptom & Impact […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2008-4575 CVE-2008-4639 CVE-2008-4640 CVE-2008-4641 CVE-2016-3822 CVE-2018-16554 CVE-2018-17088 CVE-2018-6612  +12 more Upstream summary: Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-54869 Upstream summary: FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-6459 Upstream summary: Cross-site scripting (XSS) vulnerability in the will_paginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-12435 CVE-2018-20187 CVE-2018-9127 CVE-2018-9860 CVE-2021-24115 CVE-2021-40529 CVE-2022-43705 CVE-2024-34702  +7 more Upstream summary: Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-4303 CVE-2023-38403 CVE-2023-7250 CVE-2024-26306 CVE-2024-53580 CVE-2025-54349 CVE-2025-54350 Upstream summary: The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 9 (stretch) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-17570 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution – Primary Fix Solution – Alternative Approaches Verification & Acceptance […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-4570 CVE-2016-4571 CVE-2018-20004 CVE-2018-20005 CVE-2018-20592 CVE-2018-20593 CVE-2026-5037 Upstream summary: The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-31038 CVE-2025-54812 CVE-2025-54813 CVE-2026-40023 Upstream summary: SQL injection in Log4cxx when using the ODBC appender to send log messages to a database.  No fields sent to the database […]