Fix Prevention

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-1438 CVE-2013-1439 CVE-2013-2126 Upstream summary: Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-6441 CVE-2015-1331 CVE-2015-1334 CVE-2015-1335 CVE-2016-10124 CVE-2016-8649 CVE-2017-18641 CVE-2017-5985  +4 more Upstream summary: The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-0079 CVE-2016-10894 Upstream summary: Buffer overflow in xtrlock 2.0 allows local users to cause a denial of service (application crash) and hijack the desktop session. Table of contents Symptom […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-3560 CVE-2009-3720 Upstream summary: The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-24056 Upstream summary: In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. For example, a .pc file containing a few hundred […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-3028 Upstream summary: git-big-picture before 1.0.0 mishandles ' characters in a branch name, leading to code execution. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2026-4751 Upstream summary: NULL Pointer Dereference vulnerability in tmate-io tmate.This issue affects tmate: before 2.4.0. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-7322 Upstream summary: usersfile.c in liboath in OATH Toolkit before 2.4.1 does not properly handle lines containing an invalid one-time-password (OTP) type and a user name in /etc/users.oath, which […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-35910 CVE-2020-35911 CVE-2020-35912 CVE-2020-35913 CVE-2020-35914 Upstream summary: An issue was discovered in the lock_api crate before 0.4.2 for Rust. A data race can occur because of MappedMutexGuard unsoundness. Table […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2003-0188 Upstream summary: lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv […]