Debian 12 Bookworm

Debian 12 — rox — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — rox — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-1956 Upstream summary: ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files. Table of contents Symptom & […]

Read more
Debian 12 — node-lodash — multiple vulnerabilities (10 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — node-lodash — multiple vulnerabilities (10 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-16487 CVE-2018-3721 CVE-2019-1010266 CVE-2019-10744 CVE-2020-28500 CVE-2020-8203 CVE-2021-23337 CVE-2025-13465  +2 more Upstream summary: A prototype pollution vulnerability was found in lodash <4.17.11 where the functions merge, mergeWith, and defaultsDeep […]

Read more
Debian 12 — libpgobject-util-dbadmin-perl — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libpgobject-util-dbadmin-perl — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-9246 Upstream summary: The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command […]

Read more
Debian 12 — rawtherapee — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — rawtherapee — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-3885 CVE-2015-8366 CVE-2026-24808 Upstream summary: Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a […]

Read more
Debian 12 — eldav — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — eldav — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2003-0438 Upstream summary: eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. […]

Read more
Debian 12 — rtmpdump — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — rtmpdump — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-8270 CVE-2015-8271 CVE-2015-8272 Upstream summary: The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and […]

Read more
Debian 12 — gnuchess — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — gnuchess — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-8972 CVE-2019-15767 CVE-2021-30184 Upstream summary: Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary […]

Read more
Debian 12 — gkrellm — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — gkrellm — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2003-0723 Upstream summary: Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow remote attackers to execute arbitrary code. Table of contents Symptom & Impact Environment & […]

Read more
Debian 12 — libcatalyst-plugin-authentication-perl — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libcatalyst-plugin-authentication-perl — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2026-5091 Upstream summary: Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to […]

Read more
CHAT