Debian 12 Bookworm

Debian 12 — crafty — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — crafty — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2003-0612 Upstream summary: Multiple buffer overflows in main.c for Crafty 19.3 allow local users to gain group "games" privileges via long command line arguments to crafty.bin. Table of […]

Read more
Debian 12 — gnome-screensaver — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — gnome-screensaver — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2006-1335 CVE-2007-3920 CVE-2007-6389 CVE-2008-0887 CVE-2009-4641 CVE-2009-4642 CVE-2010-0285 CVE-2010-0414  +1 more Upstream summary: gnome screensaver before 2.14, when running on an X server with AllowDeactivateGrabs and AllowClosedownGrabs enabled, allows […]

Read more
Debian 12 — libquartz-java — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libquartz-java — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-13990 Upstream summary: initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. Table of contents Symptom & Impact Environment & Reproduction […]

Read more
Debian 12 — pacemaker — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — pacemaker — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2010-2496 CVE-2011-5271 CVE-2013-0281 CVE-2016-7035 CVE-2016-7797 CVE-2018-16877 CVE-2018-16878 CVE-2019-3885  +1 more Upstream summary: stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers […]

Read more
Debian 12 — vino — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — vino — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2011-0904 CVE-2011-0905 CVE-2011-1164 CVE-2011-1165 CVE-2012-4429 CVE-2013-5745 CVE-2014-6053 CVE-2018-7225  +1 more Upstream summary: The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x […]

Read more
Debian 12 — munin — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — munin — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-2103 CVE-2012-2104 CVE-2012-2147 CVE-2012-3512 CVE-2012-3513 CVE-2012-4678 CVE-2013-6048 CVE-2013-6359  +1 more Upstream summary: The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink […]

Read more
Debian 12 — dcraw — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — dcraw — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-1438 CVE-2015-3885 CVE-2015-8366 CVE-2018-19565 CVE-2018-19566 CVE-2018-19567 CVE-2018-19568 CVE-2018-19655  +1 more Upstream summary: Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, […]

Read more
Debian 12 — node-marked — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — node-marked — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-3743 CVE-2015-1370 CVE-2015-8854 CVE-2016-10531 CVE-2017-1000427 CVE-2017-16114 CVE-2018-25110 CVE-2022-21680  +1 more Upstream summary: Multiple cross-site scripting (XSS) vulnerabilities in the Marked module before 0.3.1 for Node.js allow remote attackers […]

Read more
Debian 12 — ruby-rails-html-sanitizer — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — ruby-rails-html-sanitizer — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 CVE-2018-3741 CVE-2022-23517 CVE-2022-23518 CVE-2022-23519 CVE-2022-23520  +1 more Upstream summary: Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and […]

Read more
Debian 12 — grpc — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — grpc — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-7860 CVE-2017-7861 CVE-2017-8359 CVE-2017-9431 CVE-2023-32732 CVE-2023-33953 CVE-2023-44487 CVE-2023-4785  +1 more Upstream summary: Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to […]

Read more
CHAT