Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-0422 Upstream summary: flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack. Table of […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2007-4739 Upstream summary: reprepro 1.3.0 through 2.2.3 does not properly verify signatures when updating repositories, which allows remote attackers to construct and distribute an ostensibly valid Release.gpg file […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-1056 CVE-2019-8379 CVE-2019-8383 CVE-2019-9210 CVE-2022-35014 CVE-2022-35015 CVE-2022-35016 CVE-2022-35017  +4 more Upstream summary: An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-5645 CVE-2020-9488 CVE-2021-44228 CVE-2021-44832 CVE-2021-45046 CVE-2021-45105 CVE-2025-68161 CVE-2026-34479  +2 more Upstream summary: In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-1391 CVE-2002-1392 CVE-2003-0516 CVE-2003-0517 CVE-2008-4936 CVE-2018-16741 CVE-2018-16742 CVE-2018-16743  +4 more Upstream summary: Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-16790 CVE-2021-32050 CVE-2023-0437 CVE-2024-6381 CVE-2024-6383 CVE-2025-0755 CVE-2025-12119 CVE-2025-14911  +4 more Upstream summary: _bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-0914 CVE-2002-1311 CVE-2003-0040 CVE-2004-0224 CVE-2004-0591 CVE-2004-0777 CVE-2004-2313 CVE-2005-1308  +7 more Upstream summary: Double Precision Courier e-mail MTA allows remote attackers to cause a denial of service (CPU consumption) […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-3524 CVE-2007-6263 CVE-2008-4247 Upstream summary: Buffer overflow in the SSL-ready version of linux-ftpd (linux-ftpd-ssl) 0.17 allows remote attackers to execute arbitrary code by creating a long directory name, […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-4040 Upstream summary: snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2011-4356 CVE-2021-23727 Upstream summary: Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing […]