Systemd Services

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-2510 Upstream summary: BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2015-1833 CVE-2016-6801 CVE-2023-37895 CVE-2025-53689 CVE-2025-58782 Upstream summary: XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2025-11017 Upstream summary: A vulnerability was detected in OGRECave Ogre up to 14.4.1. The impacted element is the function Ogre::LogManager::stream of the file /ogre/OgreMain/src/OgreLogManager.cpp. Performing manipulation of the […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 10 (buster) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-1664 Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution – Primary Fix Solution – Alternative Approaches Verification & Acceptance […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-0074 CVE-2016-4437 CVE-2016-6802 CVE-2019-12422 CVE-2020-11989 CVE-2020-13933 CVE-2020-17510 CVE-2020-1957  +9 more Upstream summary: Apache Shiro 1.x before 1.2.3, when using an LDAP server with unauthenticated bind enabled, allows remote […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2002-0901 CVE-2016-10729 CVE-2016-10730 CVE-2022-37703 CVE-2022-37704 CVE-2022-37705 CVE-2023-30577 Upstream summary: Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to execute arbitrary […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2017-7178 CVE-2017-9031 CVE-2021-3427 Upstream summary: CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2022-40983 CVE-2022-43591 CVE-2025-12385 Upstream summary: An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2018-1084 CVE-2025-30472 CVE-2026-35091 CVE-2026-35092 Upstream summary: corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c. Table of contents Symptom & Impact Environment & Reproduction Root […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2020-25614 Upstream summary: xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service […]