Systemd Services

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-1000376 Upstream summary: libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2024-55564 Upstream summary: The POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-1000426 Upstream summary: MapProxy version 1.10.3 and older is vulnerable to a Cross Site Scripting attack in the demo service resulting in possible information disclosure. Table of contents Symptom […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2004-0188 Upstream summary: Heap-based buffer overflow in Calife 2.8.5 and earlier may allow local users to execute arbitrary code via a long password. Table of contents Symptom & […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-27811 Upstream summary: GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename. Table of contents Symptom & Impact Environment & […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-11546 CVE-2017-11547 CVE-2017-11549 Upstream summary: The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-23351 CVE-2021-23409 Upstream summary: The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service (DoS) via the parseVersion1() function. The reader in this package is a default […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-11590 CVE-2018-10733 CVE-2018-10767 Upstream summary: There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2007-4739 Upstream summary: reprepro 1.3.0 through 2.2.3 does not properly verify signatures when updating repositories, which allows remote attackers to construct and distribute an ostensibly valid Release.gpg file […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-1000487 CVE-2022-4244 CVE-2022-4245 CVE-2025-67030 Upstream summary: Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings. Table of […]