Fix Prevention

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-11020 CVE-2020-15134 Upstream summary: Faye (NPM, RubyGem) versions greater than 0.5.0 and before 1.0.4, 1.1.3 and 1.2.5, has the potential for authentication bypass in the extension system. The […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-5026 CVE-2018-19960 CVE-2021-41867 CVE-2021-41868 CVE-2022-21689 CVE-2022-21690 CVE-2022-21691 CVE-2022-21692  +4 more Upstream summary: hs.py in OnionShare before 0.9.1 allows local users to modify the hiddenservice by pre-creating the /tmp/onionshare […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-9244 CVE-2019-14939 Upstream summary: Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with `mysql.escape()` which could lead to SQL Injection. Table of contents […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2026-48700 Upstream summary: An issue was discovered in all versions of PCManFM-Qt starting from 1.1.0. When a regular file's path is passed as a URI in an org.freedesktop.FileManager1.ShowFolders D-Bus […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-0130 CVE-2011-0766 CVE-2011-3389 CVE-2014-1693 CVE-2014-3566 CVE-2015-2774 CVE-2016-1000107 CVE-2016-10253  +12 more Upstream summary: lib/crypto/c_src/crypto_drv.c in erlang does not properly check the return value from the OpenSSL DSA_do_verify function, which […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-5009 CVE-2010-3901 CVE-2010-3902 CVE-2010-3903 CVE-2012-3291 CVE-2012-6128 CVE-2013-7098 CVE-2019-16239  +2 more Upstream summary: Double free vulnerability in OpenConnect before 1.40 might allow remote AnyConnect SSL VPN servers to cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-8856 Upstream summary: Cross-site scripting (XSS) vulnerability in the serve-index package before 1.6.3 for Node.js allows remote attackers to inject arbitrary web script or HTML via a crafted […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-7448 Upstream summary: Directory traversal vulnerability in wiki.c in didiwiki allows remote attackers to read arbitrary files via the page parameter to api/page/get. Table of contents Symptom & […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-6384 CVE-2014-4615 CVE-2019-3830 Upstream summary: (1) impl_db2.py and (2) impl_mongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the logging level is set to INFO, logs the connection string […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-3560 CVE-2009-3720 Upstream summary: The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a […]