🟢 Low ⏱ 5–15 min Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read • Source: Debian Security Tracker Related CVEs: CVE-2017-18197 Upstream summary: In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert() is missing flags to prevent XML External Entity (XXE) attacks, as demonstrated by /ServerView. Table […]
🟢 Low ⏱ 5–15 min Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read • Source: Debian Security Tracker Related CVEs: CVE-2021-30151 CVE-2022-23837 Upstream summary: Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used. Table of […]
🟢 Low ⏱ 5–15 min Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read • Source: Debian Security Tracker Related CVEs: CVE-2002-1275 CVE-2009-5067 Upstream summary: Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when used within LPRng, allows remote attackers to execute arbitrary code via "unsanitized input." Table of contents […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read • Source: Debian Security Tracker Related CVEs: CVE-2019-10069 CVE-2021-26825 CVE-2021-26826 Upstream summary: In Godot through 3.1, remote code execution is possible due to the deserialization policy not being applied correctly. Table of contents Symptom & […]
🟠 High ⏱ 15–60 min Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read • Source: Debian Security Tracker Related CVEs: CVE-2010-4203 CVE-2010-4489 CVE-2012-0823 CVE-2014-1578 CVE-2015-1258 CVE-2015-4485 CVE-2015-4486 CVE-2015-4506 +12 more Upstream summary: WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read • Source: Debian Security Tracker Related CVEs: CVE-2020-17497 CVE-2020-8689 CVE-2023-52161 CVE-2024-28084 Upstream summary: eapol.c in iNet wireless daemon (IWD) through 1.8 allows attackers to trigger a PTK reinstallation by retransmitting EAPOL Msg4/4. Table of contents […]
🟢 Low ⏱ 5–15 min Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read • Source: Debian Security Tracker Related CVEs: CVE-2022-2553 CVE-2024-3049 Upstream summary: The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes […]
🟢 Low ⏱ 5–15 min Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read • Source: Debian Security Tracker Related CVEs: CVE-2022-31163 Upstream summary: TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, […]
🟢 Low ⏱ 5–15 min Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read • Source: Debian Security Tracker Related CVEs: CVE-2022-47021 Upstream summary: A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial […]
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read • Source: Debian Security Tracker Related CVEs: CVE-2018-10243 CVE-2019-17420 CVE-2024-23837 CVE-2024-28871 CVE-2024-45797 CVE-2025-53537 Upstream summary: htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header. […]
Progressive Robot: Your Gateway to Comprehensive IT Solutions — Specializing in Web Development, Mobile App Development, and Expert IT Services.
© All Copyright by Progressiverobot.com
VAT Number ( 506152326 )
