Troubleshooting

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2012-6612 CVE-2013-6397 CVE-2013-6407 CVE-2013-6408 CVE-2017-12629 CVE-2017-3163 CVE-2017-3164 CVE-2018-1308  +9 more Upstream summary: The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-4249 Upstream summary: A vulnerability was found in xml-conduit. It has been classified as problematic. Affected is an unknown function of the file xml-conduit/src/Text/XML/Stream/Parse.hs of the component DOCTYPE Entity […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2013-6629 CVE-2013-6630 CVE-2014-9092 CVE-2016-3616 CVE-2017-15232 CVE-2018-11212 CVE-2018-11213 CVE-2018-11214  +9 more Upstream summary: The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-42576 Upstream summary: The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-0074 CVE-2016-4437 CVE-2016-6802 CVE-2019-12422 CVE-2020-11989 CVE-2020-13933 CVE-2020-17510 CVE-2020-1957  +9 more Upstream summary: Apache Shiro 1.x before 1.2.3, when using an LDAP server with unauthenticated bind enabled, allows remote […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-0509 CVE-2006-5072 CVE-2006-6104 CVE-2007-5197 CVE-2008-3422 CVE-2008-3906 CVE-2009-0217 CVE-2009-0689  +10 more Upstream summary: Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote attackers […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 13 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-9181 Upstream summary: perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when processed by an application […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2006-3467 CVE-2006-3739 CVE-2006-3740 CVE-2007-1351 CVE-2007-1352 CVE-2007-5199 CVE-2008-0006 CVE-2011-2895  +10 more Upstream summary: Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2016-2312 CVE-2018-6790 CVE-2018-6791 CVE-2024-36041 Upstream summary: Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 11 (bullseye) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-6393 CVE-2024-10491 CVE-2024-29041 CVE-2024-43796 Upstream summary: The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers […]