Fix Prevention

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-9059 Upstream summary: picocom before 2.0 has a command injection vulnerability in the 'send and receive file' command because the command line is executed by /bin/sh unsafely. Table […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-31317 CVE-2021-31321 CVE-2025-0634 CVE-2025-53074 CVE-2025-53075 Upstream summary: Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-4575 CVE-2015-4054 CVE-2015-6817 CVE-2021-3935 CVE-2025-12819 CVE-2025-2291 CVE-2026-6664 CVE-2026-6665  +2 more Upstream summary: The add_database function in objects.c in the pgbouncer pooler 1.5.2 for PostgreSQL allows remote attackers to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-5155 CVE-2018-17942 Upstream summary: In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-8807 CVE-2017-16907 Upstream summary: Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-7203 CVE-2018-16976 CVE-2018-20683 Upstream summary: gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-25058 Upstream summary: An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon running, an unprivileged user could make USBGuard allow all USB devices to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2007-6697 CVE-2008-0544 CVE-2017-12122 CVE-2017-14440 CVE-2017-14441 CVE-2017-14442 CVE-2017-14448 CVE-2017-14450  +12 more Upstream summary: Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-1255 CVE-2009-1494 CVE-2009-2415 CVE-2010-1152 CVE-2011-4971 CVE-2013-0179 CVE-2013-7239 CVE-2013-7290  +12 more Upstream summary: The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-15924 CVE-2019-5152 CVE-2019-5163 CVE-2019-5164 Upstream summary: In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via […]