Systemd Services

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2008-7315 Upstream summary: UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-3417 Upstream summary: The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-0042 CVE-2004-2259 CVE-2011-0762 CVE-2011-2189 CVE-2015-1419 CVE-2021-3618 Upstream summary: vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2011-3389 CVE-2014-3566 Upstream summary: The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-9288 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution – Primary Fix Solution – Alternative Approaches Verification & Acceptance Criteria […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2007-3231 Upstream summary: Buffer overflow in MeCab before 0.96 has unknown impact and attack vectors. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-9375 Upstream summary: XML Injection vulnerability in xmltodict allows Input Data Manipulation. This issue affects xmltodict: from 0.14.2 before 0.15.1. NOTE: the scope of this CVE is disputed by […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-3697 CVE-2016-9962 CVE-2019-16884 CVE-2019-19921 CVE-2019-5736 CVE-2021-30465 CVE-2021-43784 CVE-2022-29162  +8 more Upstream summary: libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-1563 CVE-2003-0740 CVE-2008-2420 CVE-2011-2940 CVE-2013-1762 CVE-2015-3644 CVE-2021-20230 Upstream summary: stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2009-0784 CVE-2009-2911 CVE-2009-4273 CVE-2010-0411 CVE-2010-0412 CVE-2010-4170 CVE-2010-4171 CVE-2011-1769  +4 more Upstream summary: Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr […]