Fix Prevention

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-1192 Upstream summary: Absolute path traversal vulnerability in kgb 1.0b4 allows remote attackers to write to arbitrary files via a full pathname in a crafted archive. Table of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-4510 CVE-2017-7443 CVE-2020-5202 CVE-2025-11146 CVE-2025-11147 Upstream summary: Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0.7.26 allows remote attackers to inject arbitrary web script or HTML via a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-64512 CVE-2025-70559 Upstream summary: Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-1326 Upstream summary: python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-42260 CVE-2023-34194 Upstream summary: TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-6047 Upstream summary: Multiple cross-site scripting (XSS) vulnerabilities in the site creation interface in ikiwiki-hosting before 0.20131025 allow remote attackers to inject arbitrary web script or HTML via […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-14178 CVE-2019-11502 CVE-2019-11503 CVE-2019-7303 CVE-2019-7304 CVE-2020-11934 CVE-2020-27352 CVE-2021-3155  +10 more Upstream summary: In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-25576 Upstream summary: An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints. Table of contents Symptom […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-5208 CVE-2017-5331 CVE-2017-5332 CVE-2017-5333 CVE-2017-6009 CVE-2017-6010 CVE-2017-6011 Upstream summary: Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-48795 Upstream summary: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that […]