Operations

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-3300 CVE-2009-3474 CVE-2009-3475 CVE-2009-3476 CVE-2019-19191 CVE-2021-28963 CVE-2021-31826 CVE-2025-9943 Upstream summary: Multiple cross-site scripting (XSS) vulnerabilities in the Identity Provider (IdP) 1.3.x before 1.3.4 and 2.x before 2.1.5, and […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-2625 Upstream summary: It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-48924 Upstream summary: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass(…) […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-0283 CVE-2021-3480 Upstream summary: The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-3535 Upstream summary: Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary code via unknown vectors. Table of contents Symptom & Impact Environment & Reproduction Root […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2008-4952 Upstream summary: emacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.log temporary file. Table of contents Symptom & […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-3540 Upstream summary: Buffer overflow in petris before 1.0.1 allows remote attackers to execute arbitrary code via unspecified attack vectors. Table of contents Symptom & Impact Environment & […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-35863 CVE-2021-21299 CVE-2021-32714 CVE-2021-32715 CVE-2022-31394 Upstream summary: An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-11988 Upstream summary: Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-15758 CVE-2019-15759 CVE-2019-7151 CVE-2019-7152 CVE-2019-7153 CVE-2019-7154 CVE-2019-7662 CVE-2019-7700  +12 more Upstream summary: An issue was discovered in Binaryen 1.38.32. Missing validation rules in asmjs/asmangle.cpp can lead to an […]