This page lists packages that may or may not be affected by known issues. This means that some additional work needs to be done to determined whether the package is actually vulnerable or not. This list is a good area for new contributors to make quick and meaningful contributions.
| Package | Bug | Description | Releases |
|---|---|---|---|
| angular.js | CVE-2026-27970 | Angular is a development platform for building mobile and desktop web ... | bookworm, bullseye, forky, sid, trixie |
| CVE-2026-32635 | Angular is a development platform for building mobile and desktop web ... | bookworm, bullseye, forky, sid, trixie | |
| apt-cacher-ng | CVE-2025-11147 | Reflected cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vuln ... | bookworm, bullseye, forky, sid, trixie |
| clamav | CVE-2020-37167 | ClamAV versions prior to 0.103.0-rc contain a vulnerability in functio ... | bookworm, bullseye, forky, sid, trixie |
| codeblocks | CVE-2020-37038 | Code Blocks 20.03 contains a denial of service vulnerability that allo ... | bookworm, bullseye, forky, sid, trixie |
| CVE-2020-37040 | Code Blocks 17.12 contains a local buffer overflow vulnerability that ... | bookworm, bullseye, forky, sid, trixie | |
| CVE-2020-37121 | CODE::BLOCKS 16.01 contains a buffer overflow vulnerability that allow ... | bookworm, bullseye, forky, sid, trixie | |
| dokuwiki | CVE-2019-25338 | DokuWiki 2018-04-22b contains a username enumeration vulnerability in ... | bookworm, bullseye, forky, sid, trixie |
| CVE-2026-26477 | An issue in Dokuwiki v.2025-05-14b 'Librarian' allows a remote attacke ... | bookworm, bullseye, forky, sid, trixie | |
| fastdds | CVE-2025-65865 | An integer overflow in eProsima Fast-DDS v3.3 allows attackers to caus ... | bookworm, bullseye, forky, sid, trixie |
| CVE-2025-67108 | eProsima Fast-DDS v3.3 was discovered to contain improper validation f ... | bookworm, bullseye, forky, sid, trixie | |
| gnome-font-viewer | CVE-2020-37011 | Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability tha ... | bookworm, bullseye, forky, sid, trixie |
| gsoap | CVE-2019-25355 | gSOAP 2.8 contains a directory traversal vulnerability that allows una ... | bookworm, bullseye, forky, sid, trixie |
| hdf5 | CVE-2026-26200 | HDF5 is software for managing data. Prior to version 1.14.4-2, an atta ... | bookworm, bullseye, forky, sid, trixie |
| icingaweb2 | CVE-2022-50942 | Incinga Web 2.8.2 contains a client-side cross-site scripting vulnerab ... | bookworm, bullseye, forky, sid, trixie |
| kgb-bot | CVE-2015-1554 | kgb-bot 1.33-2 allows remote attackers to cause a denial of service (c ... | bookworm, bullseye, forky, sid, trixie |
| libskia | CVE-2025-32318 | In Skia, there is a possible out of bounds write due to a heap buffer ... | forky, sid |
| linux | CVE-2020-0347 | In iptables, there is a possible out of bounds write due to an incorre ... | bookworm, bullseye, forky, sid, trixie |
| monit | CVE-2020-36968 | M/Monit 3.7.4 contains an authentication vulnerability that allows aut ... | bookworm, bullseye, forky, sid, trixie |
| CVE-2020-36969 | M/Monit 3.7.4 contains a privilege escalation vulnerability that allow ... | bookworm, bullseye, forky, sid, trixie | |
| node-webfont | CVE-2023-26920 | fast-xml-parser before 4.1.2 allows __proto__ for Prototype Pollution. | bookworm, forky, sid, trixie |
| CVE-2026-25896 | fast-xml-parser allows users to validate XML, parse XML to JS object, ... | bookworm, forky, sid, trixie | |
| CVE-2026-26278 | fast-xml-parser allows users to validate XML, parse XML to JS object, ... | bookworm, forky, sid, trixie | |
| CVE-2026-27942 | fast-xml-parser allows users to validate XML, parse XML to JS object, ... | bookworm, forky, sid, trixie | |
| CVE-2026-33036 | fast-xml-parser allows users to process XML from JS object without C/C ... | bookworm, forky, sid, trixie | |
| CVE-2026-33349 | fast-xml-parser allows users to process XML from JS object without C/C ... | bookworm, forky, sid, trixie | |
| pam | CVE-2025-8941 | A flaw was found in linux-pam. The pam_namespace module may improperly ... | bookworm, bullseye, forky, sid, trixie |
| phppgadmin | CVE-2025-60796 | phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting ( ... | forky, sid, trixie |
| CVE-2025-60797 | phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability i ... | forky, sid, trixie | |
| CVE-2025-60798 | phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability i ... | forky, sid, trixie | |
| CVE-2025-60799 | phpPgAdmin 7.13.0 and earlier contains an incorrect access control vul ... | forky, sid, trixie | |
| redir | CVE-2020-37182 | Redir 3.3 contains a stack overflow vulnerability in the doproxyconnec ... | bookworm, bullseye, forky, sid, trixie |
| telegram-desktop | CVE-2021-47793 | Telegram Desktop 2.9.2 contains a denial of service vulnerability that ... | bookworm, bullseye, forky, sid |
| wordpress | CVE-2019-8943 | WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ... | bookworm, bullseye, forky, sid, trixie |
| xwpe | CVE-2016-20037 | xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vuln ... | bookworm, bullseye, sid, trixie |
| yasr | CVE-2016-20041 | Yasr 0.6.9-5 contains a buffer overflow vulnerability that allows loca ... | bookworm, bullseye, forky, sid, trixie |
| ytree | CVE-2016-20038 | yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability th ... | bookworm, bullseye, sid, trixie |