Debian

Debian 13 — guake — vulnerability — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — guake — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-23556 Upstream summary: The package guake before 3.8.5 are vulnerable to Exposed Dangerous Method or Function due to the exposure of execute_command and execute_command_by_uuid methods via the d-bus interface, […]

Read more
Debian 11 — libvdpau — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — libvdpau — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 Upstream summary: libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privileges via unspecified vectors, related to the […]

Read more
Debian 11 — super — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — super — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-0817 CVE-2004-0579 CVE-2011-2776 CVE-2014-0470 Upstream summary: Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument. Table of […]

Read more
Debian 11 — groonga — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — groonga — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-11675 Upstream summary: The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe […]

Read more
Debian 13 — xmlbeans — vulnerability — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — xmlbeans — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-23926 Upstream summary: The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include […]

Read more
Debian 13 — rpyc — vulnerability — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — rpyc — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2024-27758 Upstream summary: In RPyC before 6.0.0, when a server exposes a method that calls the attribute named __array__ for a client-provided netref (e.g., np.array(client_netref)), a remote attacker can […]

Read more
Debian 12 — libmwaw — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — libmwaw — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-9433 Upstream summary: Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx. Table of […]

Read more
Debian 13 — rpm — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

Debian 13 — rpm — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-2096 CVE-2005-4889 CVE-2006-5466 CVE-2010-2059 CVE-2010-2197 CVE-2010-2198 CVE-2010-2199 CVE-2011-3378  +12 more Upstream summary: zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via […]

Read more
Debian 12 — systemd-cron — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — systemd-cron — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-9525 Upstream summary: In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks […]

Read more
Debian 11 — radicale — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

Debian 11 — radicale — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-8747 CVE-2015-8748 CVE-2017-8342 Upstream summary: The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name. […]

Read more
CHAT