This page lists packages that may or may not be affected by known issues. This means that some additional work needs to be done to determined whether the package is actually vulnerable or not. This list is a good area for new contributors to make quick and meaningful contributions.
| Package | Bug | Description | Releases |
|---|---|---|---|
| apt-cacher-ng | CVE-2025-11147 | Reflected cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vuln ... | bookworm, bullseye, forky, sid, trixie |
| ffmpeg | CVE-2025-59729 | When parsing the header for a DHAV file, there's an integer underflow ... | bookworm, bullseye, forky, sid, trixie |
| CVE-2025-59730 | When decoding a frame for a SANM file (ANIM v0 variant), the decoded d ... | bookworm, bullseye, forky, sid, trixie | |
| CVE-2025-59731 | When decoding an OpenEXR file that uses DWAA or DWAB compression, the ... | bookworm, bullseye, forky, sid, trixie | |
| CVE-2025-59732 | When decoding an OpenEXR file that uses DWAA or DWAB compression, ther ... | bookworm, bullseye, forky, sid, trixie | |
| CVE-2025-59733 | When decoding an OpenEXR file that uses DWAA or DWAB compression, ther ... | bookworm, bullseye, forky, sid, trixie | |
| CVE-2025-59734 | It is possible to cause an use-after-free write in SANM decoding with ... | bookworm, bullseye, forky, sid, trixie | |
| jhead | CVE-2025-44906 | jhead v3.08 was discovered to contain a heap-use-after-free via the Pr ... | bookworm, bullseye, forky, sid, trixie |
| kgb-bot | CVE-2015-1554 | kgb-bot 1.33-2 allows remote attackers to cause a denial of service (c ... | bookworm, bullseye, forky, sid, trixie |
| libpodofo | CVE-2025-46205 | A heap-use-after free in the PdfTokenizer::ReadDictionary function of ... | bookworm, bullseye, forky, sid, trixie |
| linux | CVE-2020-0347 | In iptables, there is a possible out of bounds write due to an incorre ... | bookworm, bullseye, forky, sid, trixie |
| pam | CVE-2025-8941 | A flaw was found in linux-pam. The pam_namespace module may improperly ... | bookworm, bullseye, forky, sid, trixie |
| wordpress | CVE-2019-8943 | WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ... | bookworm, bullseye, forky, sid, trixie |