Operations

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-2503 CVE-2015-1030 CVE-2015-1031 CVE-2015-1380 CVE-2015-1381 CVE-2015-1382 CVE-2016-1982 CVE-2016-1983  +12 more Upstream summary: Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2026-44544 Upstream summary: gittuf is a platform-agnostic Git security system. Prior to 0.14.0, an attacker with push access to gittuf's Reference State Log (RSL) can roll back the current […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-0215 CVE-2014-6633 CVE-2015-0861 CVE-2016-1241 CVE-2016-1242 CVE-2017-0360 CVE-2019-10868 CVE-2022-26661  +4 more Upstream summary: model/modelstorage.py in the Tryton application framework (trytond) before 2.4.0 for Python does not properly restrict access […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-2966 CVE-2006-1550 CVE-2006-2453 CVE-2006-2480 CVE-2008-5984 CVE-2019-19451 Upstream summary: The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2023-22895 Upstream summary: The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2006-0635 CVE-2018-20374 CVE-2018-20375 CVE-2018-20376 CVE-2019-12495 CVE-2019-9754 Upstream summary: Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the "i>sizeof(int)" expression to false when i equals -1, which might introduce […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-1215 CVE-2005-2231 CVE-2006-3121 CVE-2006-3815 CVE-2009-3736 Upstream summary: Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-7608 Upstream summary: yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2008-1925 CVE-2012-1836 CVE-2012-6696 CVE-2012-6697 CVE-2015-6674 CVE-2015-8702 CVE-2016-7142 CVE-2019-20917  +2 more Upstream summary: Buffer overflow in InspIRCd before 1.1.18, when using the namesx and uhnames modules, allows remote attackers […]