This page lists packages that may or may not be affected by known issues. This means that some additional work needs to be done to determined whether the package is actually vulnerable or not. This list is a good area for new contributors to make quick and meaningful contributions.
| Package | Bug | Description | Releases |
|---|---|---|---|
| ceph | CVE-2022-3854 | possible DoS issue in ceph URL processing on RGW backends | bookworm, bullseye, buster, sid |
| consul | CVE-2022-3920 | HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filt ... | bullseye, buster, sid |
| dogtag-pki | CVE-2022-2393 | A flaw was found in pki-core, which could allow a user to get a certif ... | bullseye, sid |
| gpac | CVE-2022-4202 | A vulnerability, which was classified as problematic, was found in GPA ... | bookworm, bullseye, buster, sid |
| hdf5 | CVE-2018-11205 | A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the ... | bookworm, bullseye, buster, sid |
| CVE-2019-8396 | A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 ... | bookworm, bullseye, buster, sid | |
| CVE-2019-8398 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ... | bookworm, bullseye, buster, sid | |
| kfreebsd-10 | CVE-2014-7250 | The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly ... | buster, sid |
| kgb-bot | CVE-2015-1554 | kgb-bot 1.33-2 allows remote attackers to cause a denial of service (c ... | bookworm, bullseye, buster, sid |
| libpng1.6 | CVE-2022-3857 | Null pointer dereference leads to segmentation fault | bookworm, bullseye, buster, sid |
| libxstream-java | CVE-2022-40151 | Those using Xstream to seralize XML data may be vulnerable to Denial o ... | bookworm, bullseye, buster, sid |
| CVE-2022-40152 | Those using Woodstox to parse XML data may be vulnerable to Denial of ... | bookworm, bullseye, buster, sid | |
| linux | CVE-2020-0347 | In iptables, there is a possible out of bounds write due to an incorre ... | bookworm, bullseye, buster, sid |
| CVE-2020-26140 | An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for ... | bookworm, bullseye, buster, sid | |
| CVE-2020-26142 | An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WP ... | bookworm, bullseye, buster, sid | |
| CVE-2020-26143 | An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for ... | bookworm, bullseye, buster, sid | |
| CVE-2022-36402 | An integer overflow vulnerability was found in vmwgfx driver in driver ... | bookworm, bullseye, buster, sid | |
| pluxml | CVE-2007-3432 | Unrestricted file upload vulnerability in admin/images.php in Pluxml 0 ... | buster |
| CVE-2007-3542 | Cross-site scripting (XSS) vulnerability in admin/auth.php in Pluxml 0 ... | buster | |
| CVE-2012-4674 | PluXml before 5.1.6 allows remote attackers to obtain the installation ... | buster | |
| CVE-2012-4675 | Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows remote ... | buster | |
| wordpress | CVE-2018-1000773 | WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation ... | bookworm, bullseye, buster, sid |
| CVE-2019-8943 | WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ... | bookworm, bullseye, buster, sid | |
| zabbix | CVE-2021-46088 | Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Exe ... | bookworm, bullseye, buster, sid |