Common Problems

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-48795 CVE-2026-4541 Upstream summary: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2007-1269 Upstream summary: GNUMail 1.1.2 and earlier does not properly use the –status-fd argument when invoking GnuPG, which prevents GNUMail from visually distinguishing between signed and unsigned portions […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-1424 CVE-2002-1425 CVE-2011-4919 Upstream summary: Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-46823 CVE-2025-61911 CVE-2025-61912 Upstream summary: python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2003-0853 CVE-2003-0854 CVE-2005-1039 CVE-2007-4998 CVE-2008-1946 CVE-2014-9471 CVE-2015-1865 CVE-2016-2781  +4 more Upstream summary: An integer overflow in ls in the fileutils or coreutils packages may allow local users to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-4964 Upstream summary: Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set. Table of contents Symptom & Impact Environment & Reproduction […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-1935 Upstream summary: 9base 1:6-6 and 1:6-7 insecurely creates temporary files which results in predictable filenames. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-3560 CVE-2009-3720 CVE-2015-8396 CVE-2015-8397 CVE-2024-22373 CVE-2024-22391 CVE-2024-25569 CVE-2025-11266  +5 more Upstream summary: The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-0012 CVE-2009-2294 Upstream summary: Format string vulnerability in the a_Interface_msg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-3514 Upstream summary: OCaml Xml-Light Library before r234 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial […]