Fix Prevention

Debian 13 — google-perftools — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-4895 CVE-2018-13420 Upstream summary: Multiple integer overflows in TCMalloc (tcmalloc.cc) in gperftools before 0.4 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows […]

Debian 11 — squirrel3 — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-41556 CVE-2022-30292 CVE-2026-2659 CVE-2026-2661 CVE-2026-3388 CVE-2026-3389 CVE-2026-8258 CVE-2026-8261 Upstream summary: sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that […]

Debian 12 — minidlna — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-2738 CVE-2013-2739 CVE-2013-2745 CVE-2020-12695 CVE-2020-28926 CVE-2022-26505 CVE-2023-33476 CVE-2023-47430  +1 more Upstream summary: minidlna has SQL Injection that may allow retrieval of arbitrary files […]

Debian 13 — libcatalyst-authentication-credential-http-perl — vulnerability — patch and remediation guide — diagnosis and fix on Debian 13

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-40920 Upstream summary: Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. * Data::UUID does not use a strong cryptographic source for generating UUIDs. […]

Debian 11 — pgagent — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-0218 Upstream summary: When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, […]

Debian 13 — guestfs-tools — vulnerability — patch and remediation guide — diagnosis and fix on Debian 13

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-2211 Upstream summary: A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to […]

Debian 13 — icingaweb2 — multiple vulnerabilities (16 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-18246 CVE-2018-18247 CVE-2018-18248 CVE-2018-18249 CVE-2018-18250 CVE-2020-24368 CVE-2021-32746 CVE-2021-32747  +8 more Upstream summary: Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module, or via […]

Debian 13 — bitlbee — multiple vulnerabilities (6 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2008-3920 CVE-2008-3969 CVE-2012-1187 CVE-2016-10188 CVE-2016-10189 CVE-2017-5668 Upstream summary: Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to "recreate" and "hijack" existing accounts via unspecified vectors. […]

Debian 12 — libexif — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-0664 CVE-2006-4168 CVE-2007-2645 CVE-2007-6351 CVE-2007-6352 CVE-2009-3895 CVE-2012-2812 CVE-2012-2813  +12 more Upstream summary: Buffer overflow in the EXIF library (libexif) 0.6.9 does not properly validate the structure of the […]
