This page lists packages that may or may not be affected by known issues. This means that some additional work needs to be done to determined whether the package is actually vulnerable or not. This list is a good area for new contributors to make quick and meaningful contributions.
| Package | Bug | Description | Releases |
|---|---|---|---|
| chromium-browser | CVE-2008-5749 | ** DISPUTED ** ... | jessie, sid, squeeze, wheezy |
| CVE-2009-3011 | Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37, and ... | jessie, sid, squeeze, wheezy | |
| CVE-2010-2120 | Google Chrome 1.0.154.48 allows remote attackers to cause a denial of ... | jessie, sid, squeeze, wheezy | |
| collabtive | CVE-2010-5285 | Cross-site request forgery (CSRF) vulnerability in admin.php in ... | jessie, sid, wheezy |
| cyassl | CVE-2014-6478 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ... | sid |
| gksu | CVE-2014-2886 | GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) ... | jessie, sid, squeeze, wheezy |
| glassfish | CVE-2012-3155 | Unspecified vulnerability in the CORBA ORB component in Sun GlassFish ... | jessie, sid, squeeze, wheezy |
| CVE-2013-3827 | Unspecified vulnerability in the Oracle GlassFish Server component in ... | jessie, sid, squeeze, wheezy | |
| CVE-2013-5816 | Unspecified vulnerability in the Oracle GlassFish Server component in ... | jessie, sid, squeeze, wheezy | |
| glusterfs | CVE-2012-5635 | The GlusterFS functionality in Red Hat Storage Management Console 2.0, ... | jessie, sid, squeeze, wheezy |
| gnome-online-accounts | CVE-2013-1799 | Gnome Online Accounts (GOA) 3.6.x before 3.6.3 and 3.7.x before ... | jessie, sid, wheezy |
| kfreebsd-10 | CVE-2014-7250 | The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly ... | jessie, sid, squeeze, wheezy, wheezy |
| libx11 | CVE-2006-0197 | The XClientMessageEvent struct used in certain components of X.Org ... | jessie, sid, squeeze, wheezy |
| mojarra | CVE-2011-4367 | Multiple directory traversal vulnerabilities in MyFaces JavaServer ... | jessie, sid, squeeze, wheezy |
| monitoring-plugins | CVE-2013-4215 | The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins ... | jessie, sid |
| CVE-2014-4701 | The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local ... | jessie, sid | |
| CVE-2014-4702 | The check_icmp plugin in Nagios Plugins before 2.0.2 allows local ... | jessie, sid | |
| CVE-2014-4703 | lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain ... | jessie, sid | |
| movabletype-opensource | CVE-2014-5313 | Cross-site scripting (XSS) vulnerability in the management page in Six ... | wheezy |
| openjdk-6 | CVE-2008-3112 | Directory traversal vulnerability in Sun Java Web Start in JDK and JRE ... | sid, squeeze, wheezy |
| CVE-2009-2675 | Integer overflow in the unpack200 utility in Sun Java Runtime ... | sid, squeeze, wheezy | |
| CVE-2009-2676 | Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE ... | sid, squeeze, wheezy | |
| percona-xtradb-cluster-5.5 | CVE-2014-4274 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier ... | sid |
| CVE-2014-4287 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier ... | sid | |
| CVE-2014-6463 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier ... | sid | |
| CVE-2014-6464 | Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier ... | sid | |
| CVE-2014-6469 | Unspecified vulnerability in Oracle MySQL Server 5.5.39 and eariler ... | sid | |
| CVE-2014-6478 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ... | sid | |
| CVE-2014-6484 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ... | sid | |
| CVE-2014-6491 | Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier ... | sid | |
| CVE-2014-6494 | Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, ... | sid | |
| CVE-2014-6495 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ... | sid | |
| CVE-2014-6496 | Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, ... | sid | |
| CVE-2014-6500 | Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, ... | sid | |
| CVE-2014-6505 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ... | sid | |
| CVE-2014-6507 | Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, ... | sid | |
| CVE-2014-6520 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier ... | sid | |
| CVE-2014-6530 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ... | sid | |
| CVE-2014-6551 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier ... | sid | |
| CVE-2014-6555 | Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier ... | sid | |
| CVE-2014-6559 | Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, ... | sid | |
| CVE-2014-6568 | Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, ... | sid | |
| CVE-2015-0374 | Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier ... | sid | |
| CVE-2015-0381 | Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier ... | sid | |
| CVE-2015-0382 | Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier ... | sid | |
| CVE-2015-0385 | Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier ... | sid | |
| CVE-2015-0391 | Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, ... | sid | |
| CVE-2015-0409 | Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier ... | sid | |
| CVE-2015-0411 | Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, ... | sid | |
| CVE-2015-0432 | Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier ... | sid | |
| sqlite3 | TEMP-0000000-881E20 | Crashes due to fuzzed input | jessie, sid, squeeze, wheezy |
| squid | CVE-2015-0881 | CRLF injection vulnerability in Squid before 3.1.10 allows remote ... | sid, squeeze, wheezy |
| TEMP-0776464-3CD5D8 | Digest authentification never replay Ldap requests | sid, squeeze, wheezy | |
| squid3 | CVE-2015-0881 | CRLF injection vulnerability in Squid before 3.1.10 allows remote ... | jessie, sid, squeeze, wheezy |
| xulrunner | CVE-2009-1597 | Mozilla Firefox executes DOM calls in response to a javascript: URI in ... | wheezy |
| CVE-2009-2065 | Mozilla Firefox 3.0.10, and possibly other versions, detects http ... | wheezy | |
| CVE-2009-4129 | Race condition in Mozilla Firefox allows remote attackers to produce a ... | wheezy | |
| CVE-2009-4130 | Visual truncation vulnerability in the MakeScriptDialogTitle function ... | wheezy | |
| CVE-2009-5017 | Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong ... | wheezy | |
| xulrunner | CVE-2010-0648 | Mozilla Firefox, possibly before 3.6, allows remote attackers to ... | wheezy |