Security Hardening

Debian 12 — atomicparsley — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

🟢 Low   ⏱ 5–15 min
Last verified: 25 May 2026
Affected versions: Debian 12 (bookworm)
📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2021-37231 CVE-2021-37232
Upstream summary: A stack-buffer-overflow occurs in Atomicparsley 20210124.204813.840499f through APar_readX() in src/util.cpp while parsing a crafted mp4 file because of the missing boundary check. Table of […]

Debian 11 — hylafax — multiple vulnerabilities (11 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: Debian 11 (bullseye)
📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2001-1034 CVE-2002-1049 CVE-2002-1050 CVE-2003-0886 CVE-2004-1182 CVE-2005-3069 CVE-2005-3070 CVE-2005-3538  +3 more
Upstream summary: Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format […]

Debian 13 — spim — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

🟢 Low   ⏱ 5–15 min
Last verified: 25 May 2026
Affected versions: Debian 13 (trixie)
📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2025-29364 CVE-2025-29365
Upstream summary: spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in the READ_SYSCALL and WRITE_SYSCALL system calls. The application verifies the legitimacy of the […]

Debian 11 — postgresql-13 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: Debian 11 (bullseye)
📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2021-20229 CVE-2021-23214 CVE-2021-23222 CVE-2021-32027 CVE-2021-32028  +12 more
Upstream summary: A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before […]

Debian 13 — bouncycastle — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: Debian 13 (trixie)
📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2007-6721 CVE-2011-3389 CVE-2013-0169 CVE-2013-1624 CVE-2015-6644 CVE-2015-7940 CVE-2016-1000338 CVE-2016-1000339  +12 more
Upstream summary: The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto […]

Debian 13 — jinja2 — multiple vulnerabilities (11 CVEs) — patch and remediation guide — diagnosis and fix on Debian 13

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: Debian 13 (trixie)
📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2014-0012 CVE-2014-1402 CVE-2016-10745 CVE-2019-10906 CVE-2019-8341 CVE-2020-28493 CVE-2024-22195 CVE-2024-34064  +3 more
Upstream summary: FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain […]

Debian 12 — opennds — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

🟠 High   ⏱ 15–60 min
Last verified: 25 May 2026
Affected versions: Debian 12 (bookworm)
📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2023-38313 CVE-2023-38314 CVE-2023-38315 CVE-2023-38316 CVE-2023-38317 CVE-2023-38318 CVE-2023-38319 CVE-2023-38320  +7 more
Upstream summary: An issue was discovered in OpenNDS Captive Portal before 10.1.2. It has a do_binauth NULL pointer […]

Debian 11 — multipath-tools — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 11

🟡 Medium   ⏱ 10–30 min
Last verified: 25 May 2026
Affected versions: Debian 11 (bullseye)
📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2009-0115 CVE-2022-41973 CVE-2022-41974
Upstream summary: The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly […]

Debian 11 — acl — vulnerability — patch and remediation guide — diagnosis and fix on Debian 11

🟢 Low   ⏱ 5–15 min
Last verified: 25 May 2026
Affected versions: Debian 11 (bullseye)
📖 ~4 min read  •  Source: Debian Security Tracker
Related CVEs: CVE-2009-4411
Upstream summary: The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when running in recursive (-R) mode, follow symbolic links even when the --physical (aka […]
