Common Problems

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-1000 CVE-2009-4013 CVE-2009-4014 CVE-2009-4015 CVE-2013-1429 CVE-2017-8829 Upstream summary: lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2007-6209 CVE-2014-10070 CVE-2014-10071 CVE-2014-10072 CVE-2016-10714 CVE-2017-18205 CVE-2017-18206 CVE-2018-0502  +8 more Upstream summary: Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-10117 CVE-2016-10118 CVE-2016-10119 CVE-2016-10120 CVE-2016-10121 CVE-2016-10122 CVE-2016-10123 CVE-2016-9016  +10 more Upstream summary: Firejail does not restrict access to –tmpfs, which allows local users to gain privileges, as demonstrated […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-32839 CVE-2023-30608 CVE-2024-4340 Upstream summary: sqlparse is a non-validating SQL parser module for Python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression Denial of Service […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-9445 CVE-2016-9446 CVE-2016-9809 CVE-2016-9812 CVE-2016-9813 CVE-2017-5843 CVE-2017-5848 CVE-2021-3185  +10 more Upstream summary: Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-11797 CVE-2018-8036 CVE-2021-27807 CVE-2021-27906 CVE-2021-31811 CVE-2021-31812 CVE-2026-23907 CVE-2026-33929 Upstream summary: In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-15366 CVE-2025-69873 Upstream summary: An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-12481 CVE-2017-12482 CVE-2017-2807 CVE-2017-2808 Upstream summary: The find_option function in option.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-10173 Upstream summary: Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2007-4601 Upstream summary: A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might allow remote attackers to bypass intended access restrictions when a service uses libwrap but does not […]