Logging Monitoring

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-1158 CVE-2002-1159 Upstream summary: Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user. Table of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-9837 Upstream summary: Doorkeeper::OpenidConnect (aka the OpenID Connect extension for Doorkeeper) 1.4.x and 1.5.x before 1.5.4 has an open redirect via the redirect_uri field in an OAuth authorization […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-5444 CVE-2020-24661 Upstream summary: Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-0231 CVE-2024-52046 CVE-2026-41635 Upstream summary: Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2010-1330 CVE-2011-4838 CVE-2012-5370 CVE-2015-3900 CVE-2017-17742 CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075  +12 more Upstream summary: The regular expression engine in JRuby before 1.4.1, when $KCODE is set to 'u', does not […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-13645 CVE-2025-60018 CVE-2025-60019 CVE-2026-2574 Upstream summary: In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-24775 CVE-2023-29197 Upstream summary: guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-9590 Upstream summary: puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's installation of Object Storage (swift). During installation, the Puppet […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-46338 Upstream summary: g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to make supported device nodes world-readable and writable, allowing any process […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-7435 CVE-2017-7436 CVE-2017-9269 CVE-2017-9271 CVE-2018-7685 CVE-2019-18900 Upstream summary: In libzypp before 20170803 it was possible to add unsigned YUM repositories without warning to the user that could lead […]