Common Problems

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-0116 CVE-2005-0362 CVE-2005-0363 CVE-2005-0435 CVE-2005-0436 CVE-2005-0437 CVE-2005-0438 CVE-2005-1527  +12 more Upstream summary: AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-10074 Upstream summary: The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-2600 CVE-2017-1000494 CVE-2019-12107 CVE-2019-12108 CVE-2019-12109 CVE-2019-12110 CVE-2019-12111 CVE-2026-5720 Upstream summary: MiniUPnPd has information disclosure use of snprintf() Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-0687 CVE-2006-3251 Upstream summary: Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via format […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-1476 CVE-2007-6613 CVE-2017-18198 CVE-2017-18199 CVE-2017-18201 Upstream summary: Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-42521 CVE-2025-57106 CVE-2025-57107 CVE-2025-57108 CVE-2025-57109 Upstream summary: There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2008-1167 CVE-2008-1168 CVE-2008-1922 CVE-2008-7249 CVE-2008-7250 CVE-2019-18932 Upstream summary: Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator (Sarg) 2.2.3.1 allows remote attackers to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2026-6862 Upstream summary: A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's Length field is […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-2592 Upstream summary: python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulnerable to an information disclosure. Software using the CatchError class could include sensitive values in a traceback's error […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-7449 CVE-2016-2087 CVE-2016-2233 Upstream summary: The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name […]