This page lists packages that may or may not be affected by known issues. This means that some additional work needs to be done to determined whether the package is actually vulnerable or not. This list is a good area for new contributors to make quick and meaningful contributions.
| Package | Bug | Description | Releases |
|---|---|---|---|
| apt-cacher-ng | CVE-2025-11147 | Reflected cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vuln ... | bookworm, bullseye, forky, sid, trixie |
| condor | CVE-2025-66433 | HTCondor Access Point before 25.3.1 allows an authenticated user to im ... | forky, sid, trixie |
| kgb-bot | CVE-2015-1554 | kgb-bot 1.33-2 allows remote attackers to cause a denial of service (c ... | bookworm, bullseye, forky, sid, trixie |
| linux | CVE-2020-0347 | In iptables, there is a possible out of bounds write due to an incorre ... | bookworm, bullseye, forky, sid, trixie |
| pam | CVE-2025-8941 | A flaw was found in linux-pam. The pam_namespace module may improperly ... | bookworm, bullseye, forky, sid, trixie |
| php-horde-groupware | CVE-2025-41066 | Horde Groupware v5.2.22 has a user enumeration vulnerability that allo ... | bookworm, bullseye, sid |
| phppgadmin | CVE-2025-60796 | phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting ( ... | forky, sid, trixie |
| CVE-2025-60797 | phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability i ... | forky, sid, trixie | |
| CVE-2025-60798 | phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability i ... | forky, sid, trixie | |
| CVE-2025-60799 | phpPgAdmin 7.13.0 and earlier contains an incorrect access control vul ... | forky, sid, trixie | |
| undertow | CVE-2024-3884 | A flaw was found in Undertow that can cause remote denial of service a ... | forky, sid |
| wordpress | CVE-2019-8943 | WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ... | bookworm, bullseye, forky, sid, trixie |