Debian 11

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2000-1254 CVE-2002-0655 CVE-2002-0656 CVE-2002-0657 CVE-2002-0659 CVE-2002-1568 CVE-2003-0078 CVE-2003-0131  +12 more Upstream summary: crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2001-1534 CVE-2002-0392 CVE-2002-0654 CVE-2002-0661 CVE-2002-0840 CVE-2002-1156 CVE-2002-1592 CVE-2002-1593  +12 more Upstream summary: mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-1405 CVE-2004-2152 CVE-2004-2185 CVE-2004-2186 CVE-2004-2187 CVE-2005-0534 CVE-2005-0535 CVE-2005-0536  +12 more Upstream summary: MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-0129 CVE-2004-1055 CVE-2004-1147 CVE-2004-1148 CVE-2004-2630 CVE-2004-2631 CVE-2004-2632 CVE-2005-0459  +12 more Upstream summary: Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-0803 CVE-2004-0804 CVE-2004-0886 CVE-2004-1183 CVE-2004-1307 CVE-2004-1308 CVE-2005-1544 CVE-2005-2452  +12 more Upstream summary: Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-4807 CVE-2005-4808 CVE-2006-2362 CVE-2008-2310 CVE-2012-3509 CVE-2014-8484 CVE-2014-8485 CVE-2014-8501  +12 more Upstream summary: Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-1745 CVE-2020-10018 CVE-2020-11793 CVE-2020-13543 CVE-2020-13558 CVE-2020-13584 CVE-2020-13753 CVE-2020-27918  +12 more Upstream summary: Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-7947 CVE-2015-1239 CVE-2015-6581 CVE-2015-8871 CVE-2016-10504 CVE-2016-10505 CVE-2016-10506 CVE-2016-10507  +12 more Upstream summary: OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-20107 CVE-2019-20907 CVE-2020-10735 CVE-2020-26116 CVE-2020-27619 CVE-2020-29651 CVE-2021-23336 CVE-2021-28861  +12 more Upstream summary: In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into […]