Debian 12 Bookworm

Debian 12 — gradle — multiple vulnerabilities (13 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — gradle — multiple vulnerabilities (13 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-6199 CVE-2019-11065 CVE-2019-15052 CVE-2019-16370 CVE-2021-29428 CVE-2021-29429 CVE-2021-32751 CVE-2023-35946  +5 more Upstream summary: ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to execute arbitrary code via a crafted serialized object. […]

Read more
Debian 12 — node-formidable — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — node-formidable — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-29622 CVE-2025-46653 Upstream summary: An arbitrary file upload vulnerability in formidable v3.1.4 allows attackers to execute arbitrary code via a crafted filename. NOTE: some third parties dispute this […]

Read more
Debian 12 — uudeview — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — uudeview — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-0333 CVE-2004-2265 CVE-2008-2266 Upstream summary: Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to […]

Read more
Debian 12 — libxmp — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libxmp — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-47256 Upstream summary: Libxmp through 4.6.2 has a stack-based buffer overflow in depack_pha in loaders/prowizard/pha.c via a malformed Pha format tracker module in a .mod file. Table of […]

Read more
Debian 12 — ioquake3 — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — ioquake3 — multiple vulnerabilities (12 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2006-2082 CVE-2006-2236 CVE-2006-2875 CVE-2006-3324 CVE-2006-3325 CVE-2011-1412 CVE-2011-2764 CVE-2011-3012  +4 more Upstream summary: Directory traversal vulnerability in Quake 3 engine, as used in products including Quake3 Arena, Return to […]

Read more
Debian 12 — libeconf — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libeconf — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-22652 CVE-2023-32181 Upstream summary: A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue […]

Read more
Debian 12 — kiwi — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — kiwi — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-17532 Upstream summary: examples/framework/news/news3.py in Kiwi 1.9.22 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct […]

Read more
Debian 12 — scorched3d — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — scorched3d — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-3486 CVE-2005-3487 CVE-2005-3488 Upstream summary: Multiple format string vulnerabilities in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) […]

Read more
Debian 12 — golang-github-seccomp-libseccomp-golang — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — golang-github-seccomp-libseccomp-golang — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-18367 Upstream summary: libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified […]

Read more
Debian 12 — libsolv — multiple vulnerabilities (12 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libsolv — multiple vulnerabilities (12 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 CVE-2019-20387 CVE-2021-3200 CVE-2021-33928 CVE-2021-33929 CVE-2021-33930  +4 more Upstream summary: There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 […]

Read more
CHAT