Common Problems

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2011-4104 Upstream summary: The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-5180 CVE-2017-1000381 CVE-2020-14354 CVE-2020-22217 CVE-2020-8277 CVE-2021-3672 CVE-2022-4904 CVE-2023-31124  +6 more Upstream summary: Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-4235 CVE-2022-3064 Upstream summary: Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-1000002 CVE-2018-10920 CVE-2018-1110 CVE-2019-10190 CVE-2019-10191 CVE-2019-19331 CVE-2020-12667 CVE-2021-40083  +6 more Upstream summary: Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-57804 Upstream summary: h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to perform request smuggling attacks […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-7751 Upstream summary: pathval before version 1.1.1 is vulnerable to prototype pollution. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-58438 Upstream summary: internetarchive is a Python and Command-Line Interface to Archive.org In versions 5.5.0 and below, there is a directory traversal (path traversal) vulnerability in the File.download() method […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-6584 CVE-2021-23445 Upstream summary: Cross-site scripting (XSS) vulnerability in the DataTables plugin 1.10.8 and earlier for jQuery allows remote attackers to inject arbitrary web script or HTML via the […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2024-21646 CVE-2024-25110 CVE-2024-27099 CVE-2024-29195 Upstream summary: Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2003-1053 CVE-2005-0117 Upstream summary: Multiple buffer overflows in XShisen allow attackers to execute arbitrary code via a long (1) -KCONV command line option or (2) XSHISENLIB environment variable. Table […]