This page lists packages that are affected by issues that are considered unimportant from a security perspective. These issues are thought to be unexploitable or uneffective in most situations (for example, browser denial-of-services).
| Package | Bug | Description | Releases |
|---|---|---|---|
| 389-ds-base | CVE-2016-5416 | 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ... | bookworm, bullseye, sid, trixie |
| 7zip | CVE-2022-47111 | 7-Zip 22.01 does not report an error for certain invalid xz files, inv ... | bookworm, sid, trixie |
| CVE-2022-47112 | 7-Zip 22.01 does not report an error for certain invalid xz files, inv ... | bookworm, sid, trixie | |
| CVE-2024-11612 | 7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vu ... | bookworm | |
| 9base | CVE-2014-1935 | 9base 1:6-6 and 1:6-7 insecurely creates temporary files which results ... | bookworm, bullseye, sid, trixie |
| abcm2ps | CVE-2021-32434 | abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in th ... | bullseye |
| CVE-2021-32436 | An out-of-bounds read in the function write_title() in subs.c of abcm2 ... | bullseye | |
| abiword | CVE-2017-17529 | af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings ... | bookworm, bullseye, sid, trixie |
| acpica-unix | CVE-2024-24856 | The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee ... | bookworm, bullseye, sid, trixie |
| advancecomp | CVE-2022-35014 | Advancecomp v2.3 contains a segmentation fault. | bullseye |
| CVE-2022-35015 | Advancecomp v2.3 was discovered to contain a heap buffer overflow via ... | bullseye | |
| CVE-2022-35016 | Advancecomp v2.3 was discovered to contain a heap buffer overflow. | bullseye | |
| CVE-2022-35017 | Advancecomp v2.3 was discovered to contain a heap buffer overflow. | bullseye | |
| CVE-2022-35018 | Advancecomp v2.3 was discovered to contain a segmentation fault. | bullseye | |
| CVE-2022-35020 | Advancecomp v2.3 was discovered to contain a heap buffer overflow via ... | bullseye | |
| CVE-2023-2961 | A segmentation fault flaw was found in the Advancecomp package. This m ... | bullseye | |
| amarok | CVE-2020-13152 | A remote user can create a specially crafted M3U file, media playlist ... | sid, trixie |
| android-framework-23 | CVE-2017-0752 | A elevation of privilege vulnerability in the Android framework (windo ... | bullseye, sid |
| CVE-2017-0822 | An elevation of privilege vulnerability in the Android system (camera) ... | bullseye, sid | |
| android-platform-frameworks-base | CVE-2021-39796 | In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there ... | bookworm, bullseye, sid, trixie |
| CVE-2022-20011 | In getArray of NotificationManagerService.java , there is a possible l ... | bookworm, bullseye, sid, trixie | |
| android-platform-frameworks-native | CVE-2015-3875 | libutils in Android before 5.1.1 LMY48T allows remote attackers to exe ... | bookworm, bullseye, sid |
| CVE-2015-6602 | libutils in Android through 5.1.1 LMY48M allows remote attackers to ex ... | bookworm, bullseye, sid | |
| CVE-2015-6609 | libutils in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allo ... | bookworm, bullseye, sid | |
| android-platform-system-core | CVE-2012-5564 | android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users t ... | bullseye |
| CVE-2017-0841 | A remote code execution vulnerability in the Android system (libutils) ... | bullseye | |
| anjuta | CVE-2021-42522 | There is a Information Disclosure vulnerability in anjuta/plugins/docu ... | bookworm, bullseye |
| ansible | CVE-2020-1734 | A flaw was found in the pipe lookup plugin of ansible. Arbitrary comma ... | bookworm, bullseye, sid, trixie |
| CVE-2020-1736 | A flaw was found in Ansible Engine when a file is moved using atomic_m ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-1738 | A flaw was found in Ansible Engine when the module package or service ... | bookworm, bullseye, sid, trixie | |
| ant | CVE-2021-36373 | When reading a specially crafted TAR archive an Apache Ant build can b ... | bullseye |
| CVE-2021-36374 | When reading a specially crafted ZIP archive, or a derived formats, an ... | bullseye | |
| apache2 | CVE-2001-1534 | mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ... | bookworm, bullseye, sid, trixie |
| CVE-2003-1307 | The mod_php module for the Apache HTTP Server allows local users with ... | bookworm, bullseye, sid, trixie | |
| CVE-2003-1580 | The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... | bookworm, bullseye, sid, trixie | |
| CVE-2003-1581 | The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ... | bookworm, bullseye, sid, trixie | |
| CVE-2007-0086 | The Apache HTTP Server, when accessed through a TCP connection with a ... | bookworm, bullseye, sid, trixie | |
| CVE-2007-1743 | suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combination ... | bookworm, bullseye, sid, trixie | |
| CVE-2007-3303 | Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows loc ... | bookworm, bullseye, sid, trixie | |
| CVE-2008-0456 | CRLF injection vulnerability in the mod_negotiation module in the Apac ... | bookworm, bullseye, sid, trixie | |
| apparmor | CVE-2016-1585 | In all versions of AppArmor mount rules are accidentally widened when ... | bookworm, bullseye |
| apt | CVE-2011-3374 | It was found that apt-key in apt, all versions, do not correctly valid ... | bookworm, bullseye, sid, trixie |
| apt-setup | CVE-2005-2214 | apt-setup in Debian GNU/Linux installs the apt.conf file with insecure ... | bookworm, bullseye, sid, trixie |
| arm-trusted-firmware | CVE-2022-47630 | Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 ... | bookworm, bullseye |
| CVE-2024-6285 | Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-tr ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-6287 | Incorrect Calculation vulnerability in Renesas arm-trusted-firmware al ... | bookworm, bullseye, sid, trixie | |
| asn1c | CVE-2017-12966 | The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1 ... | bookworm, bullseye, sid, trixie |
| CVE-2020-23910 | Stack-based buffer overflow vulnerability in asn1c through v0.9.28 via ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-23911 | An issue was discovered in asn1c through v0.9.28. A NULL pointer deref ... | bookworm, bullseye, sid, trixie | |
| asterisk | CVE-2024-57520 | Insecure Permissions vulnerability in asterisk v22 allows a remote att ... | bullseye |
| audiofile | CVE-2022-24599 | In autofile Audio File Library 0.3.6, there exists one memory leak vul ... | bullseye |
| awffull | CVE-2007-0510 | Multiple buffer overflows in (1) graphs.c, (2) output.c, and (3) prese ... | bookworm, bullseye, sid, trixie |
| awstats | CVE-2018-10245 | A Full Path Disclosure vulnerability in AWStats through 7.6 allows rem ... | bookworm, bullseye, sid, trixie |
| axis | CVE-2007-2353 | Apache Axis 1.0 allows remote attackers to obtain sensitive informatio ... | bookworm, bullseye, sid, trixie |
| CVE-2019-0227 | A Server Side Request Forgery (SSRF) vulnerability affected the Apache ... | bookworm, bullseye, sid, trixie | |
| bash | TEMP-0841856-B18BAF | Privilege escalation possible to other user than root | bookworm, bullseye, sid, trixie |
| bash-completion | CVE-2018-7738 | In util-linux before 2.32-rc1, bash-completion/umount allows local use ... | bookworm, bullseye, sid, trixie |
| beaker | CVE-2013-7489 | The Beaker library through 1.11.0 for Python is affected by deserializ ... | bookworm, bullseye, sid, trixie |
| binaryen | CVE-2021-45290 | A Denial of Service vulnerability exits in Binaryen 103 due to an asse ... | bullseye |
| CVE-2021-45293 | A Denial of Service vulnerability exists in Binaryen 103 due to an Inv ... | bullseye | |
| CVE-2021-46048 | A Denial of Service vulnerability exists in Binaryen 104 due to an ass ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-46050 | A Stack Overflow vulnerability exists in Binaryen 103 via the printf_c ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-46052 | A Denial of Service vulnerability exists in Binaryen 104 due to an ass ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-46053 | A Denial of Service vulnerability exists in Binaryen 103. The program ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-46054 | A Denial of Service vulnerability exists in Binaryen 104 due to an ass ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-46055 | A Denial of Service vulnerability exists in Binaryen 104 due to an ass ... | bookworm, bullseye, sid, trixie | |
| binutils | CVE-2017-13716 | The C++ symbol demangler routine in cplus-dem.c in libiberty, as distr ... | bookworm, bullseye, sid, trixie |
| CVE-2018-9996 | An issue was discovered in cplus-dem.c in GNU libiberty, as distribute ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-20673 | The demangle_template function in cplus-dem.c in GNU libiberty, as dis ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-20712 | A heap-based buffer over-read exists in the function d_expression_1 in ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-1010204 | GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is aff ... | bullseye | |
| CVE-2020-19726 | An issue was discovered in binutils libbfd.c 2.36 relating to the auxi ... | bullseye | |
| CVE-2020-35448 | An issue was discovered in the Binary File Descriptor (BFD) library (a ... | bullseye | |
| CVE-2021-3530 | A flaw was discovered in GNU libiberty within demangle_path() in rust- ... | bullseye | |
| CVE-2021-3549 | An out of bounds flaw was found in GNU binutils objdump utility versio ... | bullseye | |
| CVE-2021-3826 | Heap/stack buffer overflow in the dlang_lname function in d-demangle.c ... | bullseye | |
| CVE-2021-20197 | There is an open race window when writing output in the following util ... | bullseye | |
| CVE-2021-20284 | A flaw was found in GNU Binutils 2.35.1, where there is a heap-based b ... | bullseye | |
| CVE-2021-32256 | An issue was discovered in GNU libiberty, as distributed in GNU Binuti ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-45078 | stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows ... | bullseye | |
| CVE-2021-46174 | Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump ... | bullseye | |
| CVE-2021-46195 | GCC v12.0 was discovered to contain an uncontrolled recursion via the ... | bullseye | |
| CVE-2022-4285 | An illegal memory access flaw was found in the binutils package. Parsi ... | bullseye | |
| CVE-2022-35205 | An issue was discovered in Binutils readelf 2.38.50, reachable asserti ... | bullseye | |
| CVE-2022-35206 | Null pointer dereference vulnerability in Binutils readelf 2.38.50 via ... | bullseye | |
| CVE-2022-38533 | In GNU Binutils before 2.40, there is a heap-buffer-overflow in the er ... | bullseye | |
| CVE-2022-44840 | Heap buffer overflow vulnerability in binutils readelf before 2.40 via ... | bullseye | |
| CVE-2022-45703 | Heap buffer overflow vulnerability in binutils readelf before 2.40 via ... | bullseye | |
| CVE-2022-47007 | An issue was discovered function stab_demangle_v3_arg in stabs.c in Bi ... | bullseye | |
| CVE-2022-47008 | An issue was discovered function make_tempdir, and make_tempname in bu ... | bullseye | |
| CVE-2022-47010 | An issue was discovered function pr_function_type in prdbg.c in Binuti ... | bullseye | |
| CVE-2022-47011 | An issue was discovered function parse_stab_struct_fields in stabs.c i ... | bullseye | |
| CVE-2022-47673 | An issue was discovered in Binutils addr2line before 2.39.3, function ... | bullseye | |
| CVE-2022-47695 | An issue was discovered Binutils objdump before 2.39.3 allows attacker ... | bullseye | |
| CVE-2022-47696 | An issue was discovered Binutils objdump before 2.39.3 allows attacker ... | bullseye | |
| CVE-2022-48063 | GNU Binutils before 2.40 was discovered to contain an excessive memory ... | bullseye | |
| CVE-2022-48064 | GNU Binutils before 2.40 was discovered to contain an excessive memory ... | bullseye | |
| CVE-2022-48065 | GNU Binutils before 2.40 was discovered to contain a memory leak vulne ... | bullseye | |
| CVE-2023-1579 | Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | bullseye | |
| CVE-2023-1972 | A potential heap based buffer overflow was found in _bfd_elf_slurp_ver ... | bookworm, bullseye | |
| CVE-2023-25584 | An out-of-bounds read flaw was found in the parse_module function in b ... | bullseye | |
| CVE-2023-25585 | A flaw was found in Binutils. The use of an uninitialized field in the ... | bullseye | |
| CVE-2023-25586 | A flaw was found in Binutils. A logic fail in the bfd_init_section_dec ... | bullseye | |
| CVE-2023-25588 | A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct i ... | bullseye | |
| CVE-2024-53589 | GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary F ... | bookworm, bullseye | |
| CVE-2024-57360 | https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incor ... | bookworm, bullseye | |
| CVE-2025-0840 | A vulnerability, which was classified as problematic, was found in GNU ... | bookworm, bullseye | |
| CVE-2025-1147 | A vulnerability has been found in GNU Binutils 2.43 and classified as ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1148 | A vulnerability was found in GNU Binutils 2.43 and classified as probl ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1149 | A vulnerability was found in GNU Binutils 2.43. It has been classified ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1150 | A vulnerability was found in GNU Binutils 2.43. It has been declared a ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1151 | A vulnerability was found in GNU Binutils 2.43. It has been rated as p ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1152 | A vulnerability classified as problematic has been found in GNU Binuti ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1153 | A vulnerability classified as problematic was found in GNU Binutils 2. ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1176 | A vulnerability was found in GNU Binutils 2.43 and classified as criti ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1178 | A vulnerability was found in GNU Binutils 2.43. It has been declared a ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1179 | A vulnerability was found in GNU Binutils 2.43. It has been rated as c ... | bookworm, bullseye | |
| CVE-2025-1180 | A vulnerability classified as problematic has been found in GNU Binuti ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1181 | A vulnerability classified as critical was found in GNU Binutils 2.43. ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1182 | A vulnerability, which was classified as critical, was found in GNU Bi ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-3198 | A vulnerability has been found in GNU Binutils 2.43/2.44 and classifie ... | bookworm, bullseye, sid, trixie | |
| binwalk | CVE-2021-4287 | A vulnerability, which was classified as problematic, was found in ReF ... | bullseye |
| blender | CVE-2005-3151 | Buffer overflow in blenderplay in Blender Player 2.37a allows attacker ... | bookworm, bullseye, sid, trixie |
| CVE-2009-3850 | Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execut ... | bookworm, bullseye, sid, trixie | |
| CVE-2010-5105 | The undo save quit routine in the kernel in Blender 2.5, 2.63a, and ea ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-2832 | A flaw was found in Blender 3.3.0. A null pointer dereference exists i ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-2833 | Endless Infinite loop in Blender-thumnailing due to logical bugs. | bullseye | |
| bluez | CVE-2016-9797 | In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" functio ... | bookworm, bullseye, sid, trixie |
| CVE-2016-9798 | In BlueZ 5.42, a use-after-free was identified in "conf_opt" function ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-9799 | In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" funct ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-9800 | In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-9801 | In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" functi ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-9802 | In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" fun ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-9803 | In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-9804 | In BlueZ 5.42, a buffer overflow was observed in "commands_dump" funct ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-9917 | In BlueZ 5.42, a buffer overflow was observed in "read_n" function in ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-9918 | In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump ... | bookworm, bullseye, sid, trixie | |
| bochs | CVE-2007-2894 | The emulated floppy disk controller in Bochs 2.3 allows local users of ... | bookworm, bullseye, sid, trixie |
| botan | CVE-2024-50382 | Botan before 3.6.0, when certain LLVM versions are used, has compiler- ... | bookworm, bullseye |
| bpfcc | CVE-2024-2314 | If kernel headers need to be extracted, bcc will attempt to load them ... | bookworm, bullseye |
| bpftrace | CVE-2024-2313 | If kernel headers need to be extracted, bpftrace will attempt to load ... | bookworm, bullseye |
| brandy | CVE-2019-14662 | Brandy 1.20.1 has a stack-based buffer overflow in fileio_openout in f ... | bullseye |
| CVE-2019-14663 | Brandy 1.20.1 has a stack-based buffer overflow in fileio_openin in fi ... | bullseye | |
| CVE-2019-14665 | Brandy 1.20.1 has a heap-based buffer overflow in define_array in vari ... | bullseye | |
| CVE-2020-27372 | A buffer overflow vulnerability exists in Brandy Basic V Interpreter 1 ... | bookworm, bullseye, sid, trixie | |
| budgie-extras | CVE-2023-49347 | Temporary data passed between application components by Budgie Extras ... | bookworm, bullseye |
| busybox | CVE-2018-1000500 | Busybox contains a Missing SSL certificate validation vulnerability in ... | bookworm, bullseye, sid, trixie |
| CVE-2021-42373 | A NULL pointer dereference in Busybox's man applet leads to denial of ... | bullseye | |
| CVE-2021-42375 | An incorrect handling of a special element in Busybox's ash applet lea ... | bullseye | |
| CVE-2021-42376 | A NULL pointer dereference in Busybox's hush applet leads to denial of ... | bullseye | |
| CVE-2021-42377 | An attacker-controlled pointer free in Busybox's hush applet leads to ... | bullseye | |
| CVE-2022-30065 | A use-after-free in Busybox 1.35-x's awk applet leads to denial of ser ... | bookworm, bullseye | |
| bwa | CVE-2019-11371 | BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer Overflow vi ... | bookworm, bullseye, sid, trixie |
| byobu | CVE-2019-7306 | Byobu Apport hook may disclose sensitive information since it automati ... | bookworm, bullseye, sid, trixie |
| byzanz | CVE-2015-2785 | The GIF encoder in Byzanz allows remote attackers to cause a denial of ... | bookworm, bullseye, sid, trixie |
| bzip3 | CVE-2023-29417 | An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3_d ... | bookworm, sid, trixie |
| c-ares | CVE-2023-31124 | c-ares is an asynchronous resolver library. When cross-compiling c-are ... | bookworm, bullseye |
| CVE-2023-31147 | c-ares is an asynchronous resolver library. When /dev/urandom or RtlGe ... | bookworm, bullseye | |
| cacti | CVE-2020-7058 | data_input.php in Cacti 1.2.8 allows remote code execution via a craft ... | bookworm, bullseye, sid, trixie |
| CVE-2022-48538 | In Cacti 1.2.19, there is an authentication bypass in the web login fu ... | bullseye | |
| cadaver | CVE-2009-3560 | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ... | bookworm, bullseye, sid, trixie |
| CVE-2009-3720 | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ... | bookworm, bullseye, sid, trixie | |
| cairo | CVE-2018-18064 | cairo through 1.15.14 has an out-of-bounds stack-memory write during p ... | bookworm, bullseye, sid, trixie |
| catdoc | CVE-2018-20451 | The process_file function in reader.c in libdoc through 2017-10-23 has ... | bookworm, bullseye, sid, trixie |
| CVE-2018-20453 | The getlong function in numutils.c in libdoc through 2017-10-23 has a ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-7156 | In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows divi ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-7233 | In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31979 | Catdoc v0.95 was discovered to contain a global buffer overflow via th ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-41633 | Catdoc v0.95 was discovered to contain a NULL pointer dereference via ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-46345 | Catdoc v0.95 was discovered to contain a NULL pointer dereference via ... | bookworm, bullseye, sid, trixie | |
| cflow | CVE-2019-16165 | GNU cflow through 1.6 has a use-after-free in the reference function i ... | bullseye |
| CVE-2019-16166 | GNU cflow through 1.6 has a heap-based buffer over-read in the nexttok ... | bullseye | |
| CVE-2020-23856 | Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, ... | bullseye | |
| CVE-2023-2789 | A vulnerability was found in GNU cflow 1.7. It has been rated as probl ... | bookworm, bullseye, sid, trixie | |
| chafa | CVE-2022-1507 | chafa: NULL Pointer Dereference in function gif_internal_decode_frame ... | bullseye |
| CVE-2022-2061 | Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior ... | bullseye | |
| CVE-2022-2301 | Buffer Over-read in GitHub repository hpjansson/chafa prior to 1.10.3. | bullseye | |
| checkinstall | CVE-2020-25031 | checkinstall 1.6.2, when used to create a package that contains a syml ... | bookworm, bullseye, sid, trixie |
| cifs-utils | CVE-2014-2830 | Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils ... | bookworm, bullseye, sid, trixie |
| cimg | CVE-2018-7587 | An issue was discovered in CImg v.220. DoS occurs when loading a craft ... | bookworm, bullseye, sid, trixie |
| civetweb | CVE-2020-27304 | The CivetWeb web library does not validate uploaded filepaths when run ... | bullseye |
| ckeditor | CVE-2023-4771 | A Cross-Site scripting vulnerability has been found in CKSource CKEdit ... | bookworm, bullseye, sid, trixie |
| CVE-2024-43411 | CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. ... | sid, trixie | |
| ckeditor3 | CVE-2018-17960 | CKEditor 4.x before 4.11.0 allows user-assisted XSS involving a source ... | bookworm, bullseye |
| CVE-2024-24816 | CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. ... | bookworm, bullseye | |
| clementine | CVE-2018-14332 | An issue was discovered in Clementine Music Player 1.3.1. Clementine.e ... | bookworm, bullseye, sid, trixie |
| CVE-2021-40826 | Clementine Music Player through 1.3.1 is vulnerable to a User Mode Wri ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-40827 | Clementine Music Player through 1.3.1 (when a GLib 2.0.0 DLL is used) ... | bookworm, bullseye, sid, trixie | |
| coin3 | CVE-2009-3560 | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ... | bookworm, bullseye, sid, trixie |
| CVE-2009-3720 | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ... | bookworm, bullseye, sid, trixie | |
| colord | CVE-2021-42523 | There are two Information Disclosure vulnerabilities in colord, and th ... | bullseye |
| colpack | CVE-2024-55566 | ColPack 1.0.10 through 9a7293a has a predictable temporary file (locat ... | bookworm, bullseye, sid, trixie |
| configobj | CVE-2023-26112 | All versions of the package configobj are vulnerable to Regular Expres ... | bookworm, bullseye |
| context | CVE-2017-17513 | TeX Live through 20170524 does not validate strings before launching t ... | bookworm, bullseye, sid, trixie |
| coreboot | CVE-2022-29264 | An issue was discovered in coreboot 4.13 through 4.16. On APs, arbitra ... | bookworm, sid, trixie |
| coreutils | CVE-2017-18018 | In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does no ... | bookworm, bullseye, sid, trixie |
| courier | CVE-2004-2313 | Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error message ... | bookworm, bullseye, sid, trixie |
| CVE-2005-1308 | SqWebMail allows remote attackers to inject arbitrary web script or HT ... | bookworm, bullseye, sid, trixie | |
| cppcheck | CVE-2023-39070 | An issue in Cppcheck 2.12 dev allows a local attacker to execute arbit ... | bookworm, bullseye, sid, trixie |
| crasm | CVE-2023-23108 | In crasm 1.8-3, invalid input validation, specific files passed to the ... | bookworm, bullseye, sid, trixie |
| CVE-2023-23109 | In crasm 1.8-3, invalid input validation, specific files passed to the ... | bookworm, bullseye, sid, trixie | |
| ctn | CVE-2008-5146 | add-accession-numbers in ctn 3.0.6 allows local users to overwrite arb ... | bookworm, bullseye, sid, trixie |
| cups | CVE-2014-8166 | The browsing feature in the server in CUPS does not filter ANSI escape ... | bookworm, bullseye, sid, trixie |
| curl | CVE-2021-22922 | When curl is instructed to download content using the metalink feature ... | bullseye |
| CVE-2021-22923 | When curl is instructed to get content using the metalink feature, and ... | bullseye | |
| CVE-2023-28320 | A denial of service vulnerability exists in curl <v8.1.0 in the way li ... | bullseye | |
| CVE-2024-2379 | libcurl skips the certificate verification for a QUIC connection under ... | bookworm, bullseye | |
| CVE-2025-0725 | When libcurl is asked to perform automatic gzip decompression of conte ... | bookworm, bullseye | |
| db4o | CVE-2012-6550 | Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 ... | bookworm, bullseye |
| CVE-2013-1808 | Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and Zero ... | bookworm, bullseye | |
| CVE-2014-1869 | Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.s ... | bookworm, bullseye | |
| dcraw | CVE-2018-19565 | A buffer over-read in crop_masked_pixels in dcraw through 9.28 could b ... | bookworm, bullseye, sid, trixie |
| CVE-2018-19566 | A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-19567 | A floating point exception in parse_tiff_ifd in dcraw through 9.28 cou ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-19568 | A floating point exception in kodak_radc_load_raw in dcraw through 9.2 ... | bookworm, bullseye, sid, trixie | |
| dia | CVE-2019-19451 | When GNOME Dia before 2019-11-27 is launched with a filename argument ... | bullseye |
| dillo | TEMP-0560108-565B70 | browser-based css info disclosure | bookworm, bullseye, sid, trixie |
| dlt-daemon | CVE-2021-29507 | GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interfa ... | bullseye |
| dmg2img | CVE-2021-3548 | A flaw was found in dmg2img through 20170502. dmg2img did not validate ... | bookworm, bullseye, sid, trixie |
| CVE-2021-32614 | A flaw was found in dmg2img through 20170502. fill_mishblk() does not ... | bookworm, bullseye, sid, trixie | |
| dmidecode | CVE-2023-30630 | Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This ... | bookworm, bullseye |
| dnsmasq | CVE-2021-45951 | Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (ca ... | bookworm, bullseye, sid, trixie |
| CVE-2021-45952 | Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called fr ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-45953 | Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-45954 | Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-45955 | Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-45956 | Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called fro ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-45957 | Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (calle ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-49441 | dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query. | bullseye | |
| dnstracer | CVE-2017-9430 | Stack-based buffer overflow in dnstracer through 1.9 allows attackers ... | bookworm, bullseye, sid, trixie |
| dogtag-pki | CVE-2015-0234 | Multiple temporary file creation vulnerabilities in pki-core 10.2.0. | bullseye |
| dokuwiki | CVE-2016-7964 | The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php ... | bookworm, bullseye |
| CVE-2016-7965 | DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the ... | bookworm, bullseye | |
| CVE-2024-33103 | An arbitrary file upload vulnerability in the Media Manager component ... | bookworm, bullseye, sid, trixie | |
| dovecot | CVE-2008-4870 | dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedor ... | bookworm, bullseye, sid, trixie |
| dpic | CVE-2021-32421 | dpic 2021.01.01 has a Heap Use-After-Free in thedeletestringbox() func ... | bullseye |
| CVE-2021-32422 | dpic 2021.01.01 has a Global buffer overflow in theyylex() function in ... | bullseye | |
| CVE-2021-33390 | dpic 2021.04.10 has a use-after-free in thedeletestringbox() function ... | bullseye | |
| dpkg-cross | CVE-2008-4950 | gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary ... | bookworm, bullseye, sid, trixie |
| duo-unix | CVE-2020-12135 | bson before 0.8 incorrectly uses int rather than size_t for many varia ... | bookworm, bullseye, sid, trixie |
| elfutils | CVE-2021-33294 | In elfutils 0.183, an infinite loop was found in the function handle_s ... | bullseye |
| CVE-2024-25260 | elfutils v0.189 was discovered to contain a NULL pointer dereference v ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1352 | A vulnerability has been found in GNU elfutils 0.192 and classified as ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1365 | A vulnerability, which was classified as critical, was found in GNU el ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1371 | A vulnerability has been found in GNU elfutils 0.192 and classified as ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1372 | A vulnerability was found in GNU elfutils 0.192. It has been declared ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1376 | A vulnerability classified as problematic was found in GNU elfutils 0. ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-1377 | A vulnerability, which was classified as problematic, has been found i ... | bookworm, bullseye, sid, trixie | |
| epiphany-browser | CVE-2007-1084 | Mozilla Firefox 2.0.0.1 and earlier does not prompt users before savin ... | bookworm, bullseye, sid, trixie |
| CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... | bookworm, bullseye, sid, trixie | |
| TEMP-0560108-565B70 | browser-based css info disclosure | bookworm, bullseye, sid, trixie | |
| erlang | CVE-2009-0130 | lib/crypto/c_src/crypto_drv.c in erlang does not properly check the re ... | bookworm, bullseye, sid, trixie |
| CVE-2016-1000107 | inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1 ... | bookworm, bullseye, sid, trixie | |
| etcd | CVE-2022-34038 | Etcd v3.5.4 allows remote attackers to cause a denial of service via f ... | bookworm, bullseye, sid, trixie |
| evolution | CVE-2007-1266 | Evolution 2.8.1 and earlier does not properly use the --status-fd argu ... | bookworm, bullseye, sid, trixie |
| CVE-2011-3201 | GNOME Evolution before 3.2.3 allows user-assisted remote attackers to ... | bookworm, bullseye, sid, trixie | |
| CVE-2013-4166 | The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNO ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-17689 | The S/MIME specification allows a Cipher Block Chaining (CBC) malleabi ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-3349 | GNOME Evolution through 3.38.3 produces a "Valid signature" message fo ... | bookworm, bullseye, sid, trixie | |
| exif | CVE-2021-27815 | NULL Pointer Deference in the exif command line tool, when printing ou ... | bullseye |
| exiftags | CVE-2024-42851 | Buffer Overflow vulnerability in open source exiftags v.1.01 allows a ... | bookworm, bullseye, sid, trixie |
| exiv2 | CVE-2018-14338 | samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realp ... | bookworm, bullseye, sid, trixie |
| CVE-2020-18773 | An invalid memory access in the decode function in iptc.cpp of Exiv2 0 ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-18774 | A float point exception in the printLong function in tags_int.cpp of E ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-18898 | A stack exhaustion issue in the printIFDStructure function of Exiv2 0. ... | bookworm, bullseye, sid, trixie | |
| expat | CVE-2013-0340 | expat 2.1.0 and earlier does not properly handle entities expansion un ... | bullseye |
| CVE-2023-52426 | libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DT ... | bookworm, bullseye | |
| CVE-2024-28757 | libexpat through 2.6.1 allows an XML Entity Expansion attack when ther ... | bookworm, bullseye | |
| faust | CVE-2021-32275 | An issue was discovered in faust through v2.30.5. A NULL pointer deref ... | bookworm, bullseye, sid, trixie |
| CVE-2021-41736 | Faust v2.35.0 was discovered to contain a heap-buffer overflow in the ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-41737 | In Faust 2.23.1, an input file with the lines "// r visualisation tCst ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-37770 | faust commit ee39a19 was discovered to contain a stack overflow via th ... | bookworm, bullseye, sid, trixie | |
| fdkaac | CVE-2022-36148 | fdkaac commit 53fe239 was discovered to contain a floating point excep ... | bookworm, bullseye |
| CVE-2022-37781 | fdkaac v1.0.3 was discovered to contain a heap buffer overflow via __i ... | bookworm, bullseye | |
| CVE-2023-34823 | fdkaac before 1.0.5 was discovered to contain a stack overflow in read ... | bookworm, bullseye | |
| CVE-2023-34824 | fdkaac before 1.0.5 was discovered to contain a heap buffer overflow i ... | bookworm, bullseye | |
| ffmpeg | CVE-2020-22038 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ... | bullseye |
| fig2dev | CVE-2025-46397 | In xfig diagramming tool, a stack-overflowwhile running fig2dev allows ... | bookworm |
| CVE-2025-46398 | In xfig diagramming tool, a stack-overflow while running fig2dev allow ... | bookworm | |
| CVE-2025-46399 | In xfig diagramming tool, a segmentation fault in fig2dev allows memor ... | bookworm | |
| CVE-2025-46400 | In xfig diagramming tool, a segmentation fault while running fig2dev a ... | bookworm | |
| firefox | CVE-2004-1639 | Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows re ... | sid |
| CVE-2005-2395 | Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the ... | sid | |
| CVE-2005-4685 | Firefox and Mozilla can associate a cookie with multiple domains when ... | sid | |
| CVE-2019-12383 | Tor Browser before 8.0.1 has an information exposure vulnerability. It ... | sid | |
| CVE-2023-5217 | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior ... | sid | |
| firefox-esr | CVE-2019-12383 | Tor Browser before 8.0.1 has an information exposure vulnerability. It ... | bookworm, bullseye, sid, trixie |
| CVE-2023-5217 | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior ... | bookworm, sid, trixie | |
| firehol | CVE-2008-4953 | firehol in firehol 1.256 allows local users to overwrite arbitrary fil ... | bookworm, bullseye, sid, trixie |
| flask-caching | CVE-2021-33026 | The Flask-Caching extension through 1.10.1 for Flask relies on Pickle ... | bookworm, bullseye, sid, trixie |
| flex | CVE-2019-6293 | An issue was discovered in the function mark_beginning_as_normal in nf ... | bookworm, bullseye, sid, trixie |
| flintqs | CVE-2023-29465 | SageMath FlintQS 1.0 relies on pathnames under TMPDIR (typically world ... | bookworm, bullseye, sid, trixie |
| flvmeta | CVE-2023-36243 | FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xml ... | bookworm, bullseye |
| fontforge | CVE-2017-11570 | FontForge 20161012 is vulnerable to a buffer over-read in umodenc (par ... | bookworm, bullseye, sid, trixie |
| CVE-2017-11573 | FontForge 20161012 is vulnerable to a buffer over-read in ValidatePost ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-17521 | uiutil.c in FontForge through 20170731 does not validate strings befor ... | bookworm, bullseye, sid, trixie | |
| foomatic-filters | CVE-2011-2923 | foomatic-rip filter, all versions, used insecurely creates temporary f ... | bookworm, bullseye, sid, trixie |
| TEMP-0000000-ACBC4C | buffer overflows in init_cups | bookworm, bullseye, sid, trixie | |
| freeglut | CVE-2024-24258 | freeglut 3.4.0 was discovered to contain a memory leak via the menuEnt ... | bookworm, bullseye, sid, trixie |
| CVE-2024-24259 | freeglut through 3.4.0 was discovered to contain a memory leak via the ... | bookworm, bullseye, sid, trixie | |
| freeipa | CVE-2015-5179 | FreeIPA might display user data improperly via vectors involving non-p ... | bookworm, sid, trixie |
| CVE-2017-12169 | It was found that FreeIPA 4.2.0 and later could disclose password hash ... | bookworm, sid, trixie | |
| CVE-2019-14826 | A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies ... | bookworm, sid, trixie | |
| CVE-2023-5455 | A Cross-site request forgery vulnerability exists in ipa/session/login ... | bookworm | |
| CVE-2024-2698 | A vulnerability was found in FreeIPA in how the initial implementation ... | bookworm | |
| CVE-2024-3183 | A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ ... | bookworm | |
| freeradius | CVE-2019-10143 | It was discovered freeradius up to and including version 3.0.19 does n ... | bookworm, bullseye |
| freetype | CVE-2022-31782 | ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based bu ... | bullseye |
| frr | CVE-2020-12831 | An issue was discovered in FRRouting FRR (aka Free Range Routing) thro ... | bookworm, bullseye, sid, trixie |
| ganglia-web | CVE-2019-20378 | ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via th ... | bookworm, bullseye, sid, trixie |
| CVE-2019-20379 | ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via th ... | bookworm, bullseye, sid, trixie | |
| gcc-10 | CVE-2023-4039 | **DISPUTED**A failure in the -fstack-protector feature in GCC-based to ... | bullseye, bookworm |
| gcc-12 | CVE-2022-27943 | libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in ... | bookworm, sid, trixie |
| gcc-9 | CVE-2023-4039 | **DISPUTED**A failure in the -fstack-protector feature in GCC-based to ... | bullseye |
| gcc-mingw-w64 | CVE-2016-4973 | Binaries compiled against targets that use the libssp library in GCC f ... | bookworm, bullseye, sid, trixie |
| gdal | CVE-2025-29480 | Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker t ... | bookworm, bullseye, sid, trixie |
| gdb | CVE-2014-8501 | The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutil ... | bookworm, bullseye, sid, trixie |
| CVE-2023-39128 | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack o ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-39129 | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap us ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-39130 | GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap bu ... | bookworm, bullseye, sid, trixie | |
| gedit | CVE-2017-14108 | libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to ca ... | bookworm, bullseye, sid, trixie |
| gegl | CVE-2018-10111 | An issue was discovered in GEGL through 0.3.32. The render_rectangle f ... | bookworm, bullseye, sid, trixie |
| CVE-2018-10112 | An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_ ... | bookworm, bullseye, sid, trixie | |
| geomview | CVE-2017-17530 | common/help.c in Geomview 1.9.5 does not validate strings before launc ... | bookworm, bullseye, sid, trixie |
| gerbv | CVE-2021-40400 | An out-of-bounds read vulnerability exists in the RS-274X aperture mac ... | bullseye |
| CVE-2021-40402 | An out-of-bounds read vulnerability exists in the RS-274X aperture mac ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-4508 | A user able to control file input to Gerbv, between versions 2.4.0 and ... | bookworm, bullseye | |
| ghostscript | CVE-2022-1350 | A vulnerability classified as problematic was found in GhostPCL 9.55.0 ... | bullseye |
| CVE-2023-38560 | An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_ ... | bookworm, bullseye | |
| CVE-2024-29511 | Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, ha ... | bookworm, bullseye | |
| ghostwriter | CVE-2022-39209 | cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ... | bullseye |
| giac | CVE-2017-17526 | Input.cc in Bernard Parisse Giac 1.2.3.57 does not validate strings be ... | bookworm, bullseye, sid, trixie |
| gif2apng | CVE-2021-45907 | An issue was discovered in gif2apng 1.9. There is a stack-based buffer ... | bullseye |
| CVE-2021-45908 | An issue was discovered in gif2apng 1.9. There is a stack-based buffer ... | bullseye | |
| giflib | CVE-2020-23922 | An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif ... | bookworm, bullseye |
| CVE-2021-40633 | A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5 ... | bookworm, bullseye | |
| CVE-2022-28506 | There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RG ... | bookworm, bullseye | |
| CVE-2023-39742 | giflib v5.2.1 was discovered to contain a segmentation fault via the c ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-48161 | Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows ... | bookworm, bullseye | |
| CVE-2024-45993 | Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2 ... | bookworm, bullseye, sid, trixie | |
| gifsicle | CVE-2020-19752 | The find_color_or_error function in gifsicle 1.92 contains a NULL poin ... | bullseye |
| CVE-2023-36193 | Gifsicle v1.9.3 was discovered to contain a heap buffer overflow via t ... | bookworm, bullseye | |
| CVE-2023-44821 | Gifsicle through 1.94, if deployed in a way that allows untrusted inpu ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-46009 | gifsicle-1.94 was found to have a floating point exception (FPE) vulne ... | bookworm, bullseye, sid, trixie | |
| giftrans | CVE-2021-45972 | The giftrans function in giftrans 1.12.2 contains a stack-based buffer ... | bookworm, bullseye, sid, trixie |
| gimp | CVE-2012-4245 | The scriptfu network server in GIMP 2.6 does not require authenticatio ... | bookworm, bullseye, sid, trixie |
| CVE-2018-12713 | GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary f ... | bookworm, bullseye | |
| CVE-2022-30067 | GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a ... | bullseye | |
| CVE-2022-32990 | An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allow ... | bullseye | |
| git | CVE-2018-1000021 | GIT version 2.15.1 and earlier contains a Input Validation Error vulne ... | bookworm, bullseye, sid, trixie |
| CVE-2022-24975 | The --mirror documentation for Git through 2.35.1 does not mention the ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-52005 | Git is a source code management tool. When cloning from a server (or f ... | bookworm, bullseye, sid, trixie | |
| glance | CVE-2013-4354 | The API before 2.1 in OpenStack Image Registry and Delivery Service (G ... | bookworm, bullseye, sid, trixie |
| CVE-2015-8234 | The image signature algorithm in OpenStack Glance 11.0.0 allows remote ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-4383 | The glance-manage db in all versions of HPE Helion Openstack Glance al ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-8611 | A vulnerability was found in Openstack Glance. No limits are enforced ... | bookworm, bullseye, sid, trixie | |
| glib2.0 | CVE-2012-0039 | GLib 2.31.8 and earlier, when the g_str_hash function is used, compute ... | bookworm, bullseye, sid, trixie |
| glibc | CVE-2010-4756 | The glob implementation in the GNU C Library (aka glibc or libc6) allo ... | bookworm, bullseye, sid, trixie |
| CVE-2018-20796 | In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limi ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-9192 | In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limi ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-1010022 | GNU Libc current is affected by: Mitigation bypass. The impact is: Att ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-1010023 | GNU Libc current is affected by: Re-mapping current loaded library wit ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-1010024 | GNU Libc current is affected by: Mitigation bypass. The impact is: Att ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-1010025 | GNU Libc current is affected by: Mitigation bypass. The impact is: Att ... | bookworm, bullseye, sid, trixie | |
| glslang | CVE-2025-3010 | A vulnerability, which was classified as problematic, has been found i ... | bookworm, bullseye, sid, trixie |
| gnome-keyring | CVE-2018-19358 | GNOME Keyring through 3.28.2 allows local users to retrieve login cred ... | bookworm, bullseye, sid, trixie |
| gnome-remote-desktop | CVE-2022-1736 | Ubuntu's configuration of gnome-control-center allowed Remote Desktop ... | bullseye |
| gnome-settings-daemon | CVE-2024-38394 | Mismatches in interpreting USB authorization policy between GNOME Sett ... | bookworm, bullseye, sid, trixie |
| gnumail | CVE-2007-1269 | GNUMail 1.1.2 and earlier does not properly use the --status-fd argume ... | bookworm, bullseye, sid, trixie |
| gnupg1 | CVE-2018-6829 | cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt mess ... | bookworm, bullseye, sid, trixie |
| CVE-2019-14855 | A flaw was found in the way certificate signatures could be forged usi ... | bookworm, bullseye, sid, trixie | |
| gnupg2 | CVE-2022-3219 | GnuPG can be made to spin on a relatively small input by (for example) ... | bookworm, bullseye, sid, trixie |
| gnuplot | CVE-2018-19490 | An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue all ... | bookworm, bullseye, sid, trixie |
| CVE-2018-19491 | An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allow ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-19492 | An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allo ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-25412 | com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-25559 | gnuplot 5.5 is affected by double free when executing print_set_output ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-25969 | gnuplot v5.5 was discovered to contain a buffer overflow via the funct ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-3359 | A flaw was found in GNUPlot. A segmentation fault via IO_str_init_stat ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-31176 | A flaw was found in gnuplot. The plot3d_points() function may lead to ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-31177 | gnuplot is affected by a heap buffer overflow at function utf8_copy_on ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-31178 | A flaw was found in gnuplot. The GetAnnotateString() function may lead ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-31179 | A flaw was found in gnuplot. The xstrftime() function may lead to a se ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-31180 | A flaw was found in gnuplot. The CANVAS_text() function may lead to a ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-31181 | A flaw was found in gnuplot. The X11_graphics() function may lead to a ... | bookworm, bullseye, sid, trixie | |
| gnutls28 | CVE-2011-3389 | The SSL protocol, as used in certain configurations in Microsoft Windo ... | bookworm, bullseye, sid, trixie |
| gocr | CVE-2021-33479 | A stack-based buffer overflow vulnerability was discovered in gocr thr ... | bookworm, bullseye, sid, trixie |
| CVE-2021-33480 | An use-after-free vulnerability was discovered in gocr through 0.53-20 ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33481 | A stack-based buffer overflow vulnerability was discovered in gocr thr ... | bookworm, bullseye, sid, trixie | |
| golang-1.15 | CVE-2020-29509 | The encoding/xml package in Go (all versions) does not correctly prese ... | bullseye |
| CVE-2020-29510 | The encoding/xml package in Go versions 1.15 and earlier does not corr ... | bullseye | |
| CVE-2020-29511 | The encoding/xml package in Go (all versions) does not correctly prese ... | bullseye | |
| CVE-2022-41716 | Due to unsanitized NUL values, attackers may be able to maliciously se ... | bullseye | |
| CVE-2022-41720 | On Windows, restricted files can be accessed via os.DirFS and http.Dir ... | bullseye | |
| CVE-2022-41722 | A path traversal vulnerability exists in filepath.Clean on Windows. On ... | bullseye | |
| CVE-2023-45283 | The filepath package does not recognize paths with a \??\ prefix as sp ... | bullseye | |
| CVE-2023-45284 | On Windows, The IsLocal function does not correctly detect reserved de ... | bullseye | |
| golang-1.19 | CVE-2023-45283 | The filepath package does not recognize paths with a \??\ prefix as sp ... | bookworm |
| CVE-2023-45284 | On Windows, The IsLocal function does not correctly detect reserved de ... | bookworm | |
| golang-github-blevesearch-bleve | CVE-2022-31022 | Bleve is a text indexing library for go. Bleve includes HTTP utilities ... | bullseye |
| golang-github-containers-buildah | CVE-2022-4122 | A vulnerability was found in buildah. Incorrect following of symlinks ... | bookworm, bullseye, sid, trixie |
| CVE-2022-4123 | A flaw was found in Buildah. The local path and the lowest subdirector ... | bookworm, bullseye, sid, trixie | |
| golang-github-lucas-clemente-quic-go | CVE-2022-30591 | quic-go through 0.27.0 allows remote attackers to cause a denial of se ... | bookworm, bullseye, sid, trixie |
| golang-go.crypto | CVE-2022-30636 | httpTokenCacheKey uses path.Base to extract the expected HTTP-01 token ... | bullseye |
| google-perftools | CVE-2018-13420 | Google gperftools 2.7 has a memory leak in malloc_extension.cc, relate ... | bookworm, bullseye, sid, trixie |
| gpac | CVE-2022-43254 | GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a mem ... | bullseye |
| gpw | CVE-2011-4931 | gpw generates shorter passwords than required | bookworm, bullseye, sid, trixie |
| graphicsmagick | CVE-2017-13736 | There are lots of memory leaks in the GMCommand function in magick/com ... | bookworm, bullseye, sid, trixie |
| graphviz | CVE-2019-11023 | The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39. ... | bookworm, bullseye, sid, trixie |
| CVE-2023-46045 | Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read vi ... | bookworm, bullseye | |
| grub | CVE-2008-3896 | Grub Legacy 0.97 and earlier stores pre-boot authentication passwords ... | bookworm, bullseye, sid, trixie |
| CVE-2023-4949 | An attacker with local access to a system (either through a disk or ex ... | bookworm, bullseye, sid, trixie | |
| gsoap | CVE-2021-21783 | A code execution vulnerability exists in the WS-Addressing plugin func ... | bookworm, bullseye, sid, trixie |
| gssproxy | CVE-2020-12658 | gssproxy (aka gss-proxy) before 0.8.3 does not unlock cond_mutex befor ... | bookworm, bullseye, sid, trixie |
| h2database | CVE-2022-45868 | The web-based admin console in H2 Database Engine before 2.2.220 can b ... | bookworm, bullseye, sid, trixie |
| hamster-time-tracker | CVE-2023-36250 | CSV Injection vulnerability in GNOME time tracker version 3.0.2, allow ... | bookworm, bullseye, sid, trixie |
| haskell-tls | CVE-2011-3389 | The SSL protocol, as used in certain configurations in Microsoft Windo ... | bookworm, bullseye, sid, trixie |
| hdf5 | CVE-2017-17507 | In HDF5 1.10.1, there is an out of bounds read vulnerability in the fu ... | bookworm, bullseye |
| CVE-2018-13869 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a mem ... | bullseye | |
| CVE-2018-13870 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bullseye | |
| CVE-2018-14031 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bookworm, bullseye | |
| CVE-2018-14033 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bookworm, bullseye | |
| CVE-2018-14034 | An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-14035 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-14460 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ... | bullseye | |
| CVE-2018-15671 | An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stac ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-16438 | An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ... | bookworm, bullseye | |
| CVE-2018-17432 | A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in ... | bullseye | |
| CVE-2018-17433 | A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-17435 | A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the ... | bullseye | |
| CVE-2018-17436 | ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allo ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-17439 | An issue was discovered in the HDF HDF5 1.10.3 library. There is a sta ... | bookworm, bullseye | |
| CVE-2019-8397 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-9151 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-9152 | An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-10809 | An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-10810 | An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ... | bullseye | |
| CVE-2020-10811 | An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ... | bullseye | |
| CVE-2020-10812 | An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-18232 | Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1 ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-18494 | Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1 ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-37501 | Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1 ... | bookworm, bullseye | |
| CVE-2021-45829 | HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denia ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-45830 | A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via ... | bookworm, bullseye | |
| CVE-2021-45832 | A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-45833 | A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 vi ... | bookworm, bullseye | |
| CVE-2021-46242 | HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the ... | bookworm, bullseye | |
| CVE-2021-46243 | An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1- ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-46244 | A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the functi ... | bookworm, bullseye | |
| heat | CVE-2024-7319 | An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensi ... | bookworm, sid, trixie |
| hex-a-hop | TEMP-0528250-2E3658 | hex-a-hop: buffer overflow in loading save games | bookworm, bullseye, sid, trixie |
| hiredis | CVE-2021-32765 | Hiredis is a minimalistic C client library for the Redis database. In ... | bullseye |
| horizon-eda | CVE-2021-21897 | A code execution vulnerability exists in the DL_Dxf::handleLWPolylineD ... | bookworm, bullseye, sid, trixie |
| hoteldruid | CVE-2024-23091 | Weak password hashing using MD5 in funzioni.php in HotelDruid before 1 ... | bookworm, bullseye, sid |
| htmldoc | CVE-2021-34119 | A flaw was discovered in htmodoc 1.9.12 in function parse_paragraph in ... | bullseye |
| CVE-2021-34121 | An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function par ... | bullseye | |
| CVE-2022-0137 | A heap buffer overflow in image_set_mask function of HTMLDOC before 1. ... | bullseye | |
| CVE-2022-34033 | HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_h ... | bullseye | |
| CVE-2022-34035 | HTMLDoc v1.9.12 and below was discovered to contain a heap overflow vi ... | bullseye | |
| htslib | CVE-2018-14329 | In HTSlib 1.8, a race condition in cram/cram_io.c might allow local us ... | bookworm, bullseye, sid, trixie |
| httpie | CVE-2023-48052 | Missing SSL certificate validation in HTTPie v3.2.2 allows attackers t ... | bookworm, sid, trixie |
| hugin | CVE-2024-25442 | An issue in the HuginBase::PanoramaMemento::loadPTScript function of H ... | bookworm, bullseye |
| CVE-2024-25443 | An issue in the HuginBase::ImageVariable<double>::linkWith function of ... | bookworm, bullseye | |
| CVE-2024-25445 | Improper handling of values in HuginBase::PTools::Transform::transform ... | bookworm, bullseye | |
| CVE-2024-25446 | An issue in the HuginBase::PTools::setDestImage function of Hugin v202 ... | bookworm, bullseye | |
| icecast2 | CVE-2005-0837 | IceCast 2.20 allows remote attackers to bypass the XSL parser and obta ... | bookworm, bullseye, sid, trixie |
| CVE-2005-0838 | Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow ... | bookworm, bullseye, sid, trixie | |
| icedtea-web | CVE-2015-5236 | It was discovered that the IcedTea-Web used codebase attribute of the ... | bookworm, bullseye, sid, trixie |
| imagemagick | CVE-2005-0406 | A design flaw in image processing software that modifies JPEG images m ... | bookworm, bullseye, sid, trixie |
| CVE-2008-3134 | Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 al ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-8678 | The IsPixelMonochrome function in MagickCore/pixel-accessor.h in Image ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-7275 | The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allow ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-11754 | The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 al ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-11755 | The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 al ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-15607 | In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x3 ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-20311 | A flaw was found in ImageMagick in versions before 7.0.11, where a div ... | bookworm, bullseye | |
| CVE-2023-34152 | A vulnerability was found in ImageMagick. This security flaw cause a r ... | bookworm, bullseye, sid, trixie | |
| in-toto | CVE-2023-32076 | in-toto is a framework to protect supply chain integrity. The in-toto ... | bookworm, bullseye |
| influxdb | CVE-2022-36640 | influxData influxDB before v1.8.10 contains no authentication mechanis ... | bookworm, bullseye, sid, trixie |
| iniparser | CVE-2023-33461 | iniparser v4.1 is vulnerable to NULL Pointer Dereference in function i ... | bookworm, bullseye |
| CVE-2025-0633 | Heap-based Buffer Overflow vulnerability ininiparser_dumpsection_ini() ... | bookworm, bullseye | |
| initramfs-tools | CVE-2008-4996 | init in initramfs-tools 0.92f allows local users to overwrite arbitrar ... | bookworm, bullseye, sid, trixie |
| ioquake3 | CVE-2019-1010043 | Quake3e < 5ed740d is affected by: Buffer Overflow. The impact is: Poss ... | bookworm, bullseye, sid, trixie |
| ippsample | CVE-2023-24808 | PDFio is a C library for reading and writing PDF files. In versions pr ... | bookworm, sid |
| CVE-2023-28428 | PDFio is a C library for reading and writing PDF files. In versions 1. ... | bookworm, sid | |
| CVE-2024-42358 | PDFio is a simple C library for reading and writing PDF files. There i ... | bookworm, sid | |
| iptables | CVE-2012-2663 | extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP S ... | bookworm, bullseye, sid, trixie |
| iptraf-ng | CVE-2024-52949 | iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, th ... | bookworm, bullseye, sid, trixie |
| iputils | CVE-2025-47268 | ping in iputils through 20240905 allows a denial of service (applicati ... | bookworm, bullseye, sid, trixie |
| jackrabbit | CVE-2023-37895 | Java object deserialization issue in Jackrabbit webapp/standalone on a ... | bookworm, bullseye |
| jakarta-el-api | CVE-2021-28170 | In the Jakarta Expression Language implementation 3.0.3 and earlier, a ... | bookworm, bullseye, sid, trixie |
| janino | CVE-2023-33546 | Janino 3.1.9 and earlier are subject to denial of service (DOS) attack ... | bookworm, bullseye, sid, trixie |
| jansson | CVE-2020-36325 | An issue was discovered in Jansson through 2.13.1. Due to a parsing er ... | bookworm, bullseye, sid, trixie |
| janus | CVE-2021-4124 | janus-gateway is vulnerable to Improper Neutralization of Input During ... | bookworm, sid |
| jbig2dec | CVE-2023-46361 | Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulne ... | bookworm, bullseye, sid, trixie |
| jbigkit | CVE-2017-9937 | In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A cr ... | bookworm, bullseye, sid, trixie |
| jetty9 | CVE-2024-6763 | Eclipse Jetty is a lightweight, highly scalable, Java-based web server ... | bookworm, bullseye, sid, trixie |
| jhead | CVE-2020-6624 | jhead through 3.04 has a heap-based buffer over-read in process_DQT in ... | bookworm, bullseye, sid, trixie |
| CVE-2020-6625 | jhead through 3.04 has a heap-based buffer over-read in Get32s when ca ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-28840 | Buffer Overflow vulnerability in jpgfile.c in Matthias-Wandel jhead ve ... | bullseye | |
| CVE-2021-28275 | A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to ... | bullseye | |
| CVE-2021-28276 | A Denial of Service vulnerability exists in jhead 3.04 and 3.05 via a ... | bullseye | |
| CVE-2021-28277 | A Heap-based Buffer Overflow vulnerabilty exists in jhead 3.04 and 3.0 ... | bullseye | |
| CVE-2021-28278 | A Heap-based Buffer Overflow vulnerability exists in jhead 3.04 and 3. ... | bullseye | |
| CVE-2024-2824 | A vulnerability was found in Matthias-Wandel jhead 3.08 and classified ... | bookworm, bullseye, sid, trixie | |
| jinja2 | CVE-2019-8341 | An issue was discovered in Jinja2 2.10. The from_string function is pr ... | bookworm, bullseye, sid, trixie |
| joblib | CVE-2024-34997 | joblib v1.4.2 was discovered to contain a deserialization vulnerabilit ... | bookworm, bullseye, sid, trixie |
| jpeg-xl | CVE-2021-36691 | libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image ... | bookworm, sid, trixie |
| jpegoptim | CVE-2022-32325 | JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation wh ... | bookworm, bullseye, sid, trixie |
| CVE-2023-27781 | jpegoptim v1.5.2 was discovered to contain a heap overflow in the opti ... | bookworm, bullseye, sid, trixie | |
| jquery-goodies | CVE-2022-23395 | jQuery Cookie 1.4.1 is affected by prototype pollution, which can lead ... | bookworm, bullseye, sid, trixie |
| json-glib | TEMP-0772585-D41D8C | bookworm, bullseye, sid, trixie | |
| jsonpickle | CVE-2020-22083 | jsonpickle through 1.4.1 allows remote code execution during deseriali ... | bookworm, bullseye, sid, trixie |
| jupyter-server | CVE-2023-49080 | The Jupyter Server provides the backend (i.e. the core services, APIs, ... | bookworm, bullseye |
| jython | CVE-2017-17522 | Lib/webbrowser.py in Python through 3.6.3 does not validate strings be ... | bookworm, bullseye, sid, trixie |
| keepalived | CVE-2024-41184 | In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived th ... | bookworm, bullseye |
| keepass2 | CVE-2019-20184 | KeePass 2.4.1 allows CSV injection in the title field of a CSV export. | bookworm, bullseye, sid, trixie |
| CVE-2023-32784 | In KeePass 2.x before 2.54, it is possible to recover the cleartext ma ... | bookworm, bullseye, sid, trixie | |
| kiwi | CVE-2017-17532 | examples/framework/news/news3.py in Kiwi 1.9.22 does not validate stri ... | bookworm, sid |
| knot-resolver | CVE-2022-32983 | Knot Resolver through 5.5.1 may allow DNS cache poisoning when there i ... | bookworm, bullseye, sid, trixie |
| krb5 | CVE-2018-5709 | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The ... | bookworm, bullseye, sid, trixie |
| CVE-2024-26458 | Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-26461 | Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ... | bookworm, bullseye, sid, trixie | |
| lbreakout2 | TEMP-0608980-E8B8DF | Crash with long HOME environment variable | bookworm, bullseye |
| lcms2 | CVE-2025-29070 | A heap buffer overflow vulnerability has been identified in thesmooth2 ... | bookworm, bullseye, sid, trixie |
| leocad | CVE-2021-31804 | LeoCAD before 21.03 sometimes allows a use-after-free during the openi ... | bookworm, bullseye, sid, trixie |
| libao | CVE-2017-11548 | The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 a ... | bookworm, bullseye, sid, trixie |
| libapache-poi-java | CVE-2016-5000 | The XLSX2CSV example in Apache POI before 3.14 allows remote attackers ... | bookworm, bullseye, sid, trixie |
| CVE-2019-12415 | In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to conv ... | bookworm, bullseye, sid, trixie | |
| libarchive | CVE-2023-30571 | Libarchive through 3.6.2 can cause directories to have world-writable ... | bookworm, bullseye, sid, trixie |
| CVE-2025-1632 | A vulnerability was found in libarchive up to 3.7.7. It has been class ... | bookworm, bullseye | |
| CVE-2025-25724 | list_item_verbose in tar/util.c in libarchive through 3.7.7 does not c ... | bookworm, bullseye | |
| libbpf | CVE-2025-29481 | Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker ... | bookworm, bullseye |
| libbson-xs-perl | CVE-2025-40906 | BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbso ... | bookworm, bullseye |
| libcaca | CVE-2022-0856 | libcaca is affected by a Divide By Zero issue via img2txt, which allow ... | bookworm, bullseye, sid, trixie |
| libcommons-collections4-java | CVE-2015-7501 | Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data G ... | bookworm, bullseye, sid, trixie |
| libcommons-fileupload-java | CVE-2016-1000031 | Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation ... | bookworm, bullseye, sid, trixie |
| libcrypt-cbc-perl | CVE-2025-2814 | Crypt::CBC versions between 1.21 and 3.04 for Perl may use the rand() ... | bookworm, bullseye, sid, trixie |
| libcrypto++ | CVE-2016-7420 | Crypto++ (aka cryptopp) through 5.6.4 does not document the requiremen ... | bookworm, bullseye, sid, trixie |
| libdata-uuid-perl | CVE-2013-4184 | Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink a ... | bookworm, bullseye |
| libesmtp | CVE-2019-19977 | libESMTP through 1.0.6 mishandles domain copying into a fixed-size buf ... | bookworm, bullseye, sid, trixie |
| libfwsi | CVE-2019-17263 | In libyal libfwsi before 20191006, libfwsi_extension_block_copy_from_b ... | bookworm, bullseye, sid, trixie |
| libgadu | CVE-2013-4488 | libgadu before 1.12.0 does not verify X.509 certificates from SSL serv ... | bookworm, bullseye, sid, trixie |
| libgcrypt20 | CVE-2018-6829 | cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt mess ... | bookworm, bullseye, sid, trixie |
| CVE-2024-2236 | A timing-based side-channel flaw was found in libgcrypt's RSA implemen ... | bookworm, bullseye, sid, trixie | |
| libgd2 | CVE-2021-40145 | gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) throu ... | bullseye |
| libgda5 | CVE-2021-39359 | In GNOME libgda through 6.0.0, gda-web-provider.c does not enable TLS ... | bookworm, bullseye |
| libgig | CVE-2018-14449 | An issue was discovered in libgig 4.1.0. There is an out of bounds rea ... | bookworm, bullseye, sid, trixie |
| CVE-2018-14450 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-14451 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-14452 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-14453 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-14454 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-14455 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-14456 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-14457 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-14458 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-14459 | An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18192 | An issue was discovered in libgig 4.1.0. There is a NULL pointer deref ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18193 | An issue was discovered in libgig 4.1.0. There is operator new[] failu ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18194 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18195 | An issue was discovered in libgig 4.1.0. There is an FPE (divide-by-ze ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18196 | An issue was discovered in libgig 4.1.0. There is a heap-based buffer ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18197 | An issue was discovered in libgig 4.1.0. There is an operator new[] fa ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-32294 | An issue was discovered in libgig through 20200507. A heap-buffer-over ... | bookworm, bullseye, sid, trixie | |
| libglvnd | CVE-2023-45924 | libglxproto.c in OpenGL libglvnd bb06db5a was discovered to contain a ... | bookworm, bullseye, sid, trixie |
| libheif | CVE-2023-49463 | libheif v1.17.5 was discovered to contain a segmentation violation via ... | bookworm, bullseye |
| CVE-2024-25269 | libheif <= 1.17.6 contains a memory leak in the function JpegEncoder:: ... | bookworm, bullseye | |
| libhttp-tiny-perl | CVE-2023-31486 | HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ... | bookworm |
| libjgroups-java | CVE-2016-2141 | It was found that JGroups did not require necessary headers for encryp ... | bookworm, bullseye, sid, trixie |
| libjpeg | CVE-2022-31620 | In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an ... | bullseye |
| CVE-2022-31796 | libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRe ... | bullseye | |
| CVE-2022-32201 | In libjpeg 1.63, there is a NULL pointer dereference in Component::Sub ... | bullseye | |
| CVE-2022-32202 | In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::Fe ... | bullseye | |
| CVE-2022-32978 | There is an assertion failure in SingleComponentLSScan::ParseMCU in si ... | bullseye | |
| CVE-2022-35166 | libjpeg commit 842c7ba was discovered to contain an infinite loop via ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-37768 | libjpeg commit 281daa9 was discovered to contain an infinite loop via ... | bullseye | |
| CVE-2022-37770 | libjpeg commit 281daa9 was discovered to contain a segmentation fault ... | bullseye | |
| CVE-2023-37836 | libjpeg commit db33a6e was discovered to contain a reachable assertion ... | bookworm, bullseye | |
| CVE-2023-37837 | libjpeg commit db33a6e was discovered to contain a heap buffer overflo ... | bookworm, bullseye | |
| libjpeg6b | CVE-2016-3616 | The cjpeg utility in libjpeg allows remote attackers to cause a denial ... | sid |
| liblnk | CVE-2019-17263 | In libyal libfwsi before 20191006, libfwsi_extension_block_copy_from_b ... | bookworm, bullseye, sid, trixie |
| CVE-2019-17264 | In libyal liblnk before 20191006, liblnk_location_information_read_dat ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-17401 | libyal liblnk 20191006 has a heap-based buffer over-read in the networ ... | bookworm, bullseye, sid, trixie | |
| liblouis | CVE-2023-26767 | Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remo ... | bookworm, bullseye |
| CVE-2023-26768 | Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remo ... | bookworm, bullseye | |
| CVE-2023-26769 | Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 all ... | bookworm, bullseye | |
| libmatio | CVE-2019-20019 | An attempted excessive memory allocation was discovered in Mat_VarRead ... | bookworm, bullseye, sid, trixie |
| libmetadata-extractor-java | CVE-2022-24613 | metadata-extractor up to 2.16.0 can throw various uncaught exceptions ... | bookworm, bullseye, sid, trixie |
| CVE-2022-24614 | When reading a specially crafted JPEG file, metadata-extractor up to 2 ... | bookworm, bullseye, sid, trixie | |
| libokhttp-java | CVE-2018-20200 | CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the- ... | bookworm, bullseye, sid, trixie |
| libpam-krb5 | CVE-2023-3326 | pam_krb5 authenticates a user by essentially running kinit with the pa ... | bookworm, bullseye, sid, trixie |
| libpcap | CVE-2023-7256 | In affected libpcap versions during the setup of a remote packet captu ... | bookworm, bullseye |
| CVE-2024-8006 | Remote packet capture support is disabled by default in libpcap. When ... | bookworm, bullseye | |
| libphp-adodb | CVE-2006-4976 | The Date Library in John Lim ADOdb Library for PHP allows remote attac ... | bookworm, bullseye, sid, trixie |
| CVE-2011-3699 | John Lim ADOdb Library for PHP 5.11 allows remote attackers to obtain ... | bookworm, bullseye, sid, trixie | |
| libpng1.6 | CVE-2019-6129 | png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as ... | bullseye |
| CVE-2021-4214 | A heap overflow flaw was found in libpngs' pngimage.c program. This fl ... | bookworm, bullseye, sid, trixie | |
| libpodofo | CVE-2018-20797 | An issue was discovered in PoDoFo 0.9.6. There is an attempted excessi ... | bookworm, bullseye, sid, trixie |
| CVE-2020-18972 | Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v ... | bookworm, bullseye, sid, trixie | |
| libquicktime | CVE-2017-12143 | In libquicktime 1.2.4, an allocation failure was found in the function ... | bookworm, bullseye, sid, trixie |
| CVE-2017-12145 | In libquicktime 1.2.4, an allocation failure was found in the function ... | bookworm, bullseye, sid, trixie | |
| libraw | CVE-2020-24890 | libraw 20.0 has a null pointer dereference vulnerability in parse_tiff ... | bookworm, bullseye, sid, trixie |
| librecad | CVE-2021-21897 | A code execution vulnerability exists in the DL_Dxf::handleLWPolylineD ... | bookworm, bullseye, sid, trixie |
| CVE-2023-30259 | A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 ... | bookworm, bullseye | |
| libreoffice | CVE-2012-5639 | LibreOffice and OpenOffice automatically open embedded content | bookworm, bullseye, sid, trixie |
| CVE-2018-10583 | An information disclosure vulnerability occurs when LibreOffice 6.0.3 ... | bookworm, bullseye, sid, trixie | |
| libreswan | CVE-2018-5389 | The Internet Key Exchange v1 main mode is vulnerable to offline dictio ... | bookworm, bullseye, sid, trixie |
| libsass | CVE-2019-18797 | LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sas ... | bookworm, bullseye, sid, trixie |
| libslirp | CVE-2020-7211 | tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ ... | bookworm, bullseye, sid, trixie |
| libspring-java | CVE-2021-22060 | In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older ... | bookworm, bullseye, sid, trixie |
| CVE-2021-22096 | In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-22950 | n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versi ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-22965 | A Spring MVC or Spring WebFlux application running on JDK 9+ may be vu ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-22968 | In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-22970 | In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-22971 | In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-20860 | Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-20861 | In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELE ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-20863 | In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0 ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-22243 | Applications that use UriComponentsBuilderto parse an externally provi ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-22259 | Applications that use UriComponentsBuilder in Spring Frameworkto parse ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-22262 | Applications that use UriComponentsBuilderto parse an externally provi ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-38807 | Applications that use spring-boot-loaderor spring-boot-loader-classica ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-38808 | In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported vers ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-38809 | Applications that parse ETags from "If-Match" or "If-None-Match" reque ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-38816 | Applications serving static resources through the functional web frame ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-38819 | Applications serving static resources through the functional web frame ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-38820 | The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-38828 | Spring MVC controller methods with an @RequestBody byte[]method parame ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-38829 | A vulnerability in Spring LDAP allows data exposure for case sensitive ... | bookworm, bullseye, sid, trixie | |
| libstb | CVE-2022-27938 | stb_image.h (aka the stb image loader) 2.19, as used in libsixel and o ... | bookworm, bullseye, sid, trixie |
| CVE-2022-28048 | STB v2.27 was discovered to contain an integer shift of invalid size i ... | bookworm, bullseye | |
| libtheora | CVE-2024-56431 | oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 71 ... | bookworm, bullseye |
| libvncserver | CVE-2019-15680 | TightVNC code version 1.3.10 contains null pointer dereference in Hand ... | bookworm, bullseye, sid, trixie |
| libvpx | CVE-2017-0641 | A remote denial of service vulnerability in libvpx in Mediaserver coul ... | bookworm, bullseye, sid, trixie |
| libvterm | CVE-2018-20786 | libvterm through 0+bzr726, as used in Vim and other products, mishandl ... | bookworm, bullseye, sid, trixie |
| libwmf | CVE-2007-3476 | Array index error in gd_gif_in.c in the GD Graphics Library (libgd) be ... | bookworm, bullseye, sid, trixie |
| CVE-2007-3477 | The (a) imagearc and (b) imagefilledarc functions in GD Graphics Libra ... | bookworm, bullseye, sid, trixie | |
| CVE-2007-3996 | Multiple integer overflows in libgd in PHP before 5.2.4 allow remote a ... | bookworm, bullseye, sid, trixie | |
| CVE-2009-3546 | The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5. ... | bookworm, bullseye, sid, trixie | |
| TEMP-0601525-BEBB65 | libgd2: gdImageColorTransparent can write outside buffer | bookworm, bullseye, sid, trixie | |
| libxerces2-java | CVE-2012-0881 | Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to ca ... | bookworm, bullseye, sid, trixie |
| libxml2 | CVE-2024-34459 | An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2. ... | bookworm, bullseye |
| libxslt | CVE-2015-9019 | In libxslt 1.1.29 and earlier, the EXSLT math.random function was not ... | bookworm, bullseye, sid, trixie |
| libxsmm | CVE-2018-20543 | There is an attempted excessive memory allocation at libxsmm_sparse_cs ... | bookworm, sid, trixie |
| libxstream-java | CVE-2022-40151 | Those using Xstream to seralize XML data may be vulnerable to Denial o ... | bookworm, bullseye, sid, trixie |
| linux | CVE-2004-0230 | TCP, when using a large Window Size, makes it easier for remote attack ... | bookworm, bullseye, sid, trixie |
| CVE-2005-3660 | Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service ... | bookworm, bullseye, sid, trixie | |
| CVE-2007-3719 | The process scheduler in the Linux kernel 2.6.16 gives preference to " ... | bookworm, bullseye, sid, trixie | |
| CVE-2008-2544 | Mounting /proc filesystem via chroot command silently mounts it in rea ... | bookworm, bullseye, sid, trixie | |
| CVE-2008-4609 | The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, ... | bookworm, bullseye, sid, trixie | |
| CVE-2010-4563 | The Linux kernel, when using IPv6, allows remote attackers to determin ... | bookworm, bullseye, sid, trixie | |
| CVE-2010-5321 | Memory leak in drivers/media/video/videobuf-core.c in the videobuf sub ... | bookworm, bullseye, sid, trixie | |
| CVE-2011-4915 | fs/proc/base.c in the Linux kernel through 3.1 allows local users to o ... | bookworm, bullseye, sid, trixie | |
| CVE-2011-4916 | Linux kernel through 3.1 allows local users to obtain sensitive keystr ... | bookworm, bullseye, sid, trixie | |
| CVE-2011-4917 | In the Linux kernel through 3.1 there is an information disclosure iss ... | bookworm, bullseye, sid, trixie | |
| CVE-2012-4542 | block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly c ... | bookworm, bullseye, sid, trixie | |
| CVE-2014-9892 | The snd_compr_tstamp function in sound/core/compress_offload.c in the ... | bookworm, bullseye, sid, trixie | |
| CVE-2014-9900 | The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel ... | bookworm, bullseye, sid, trixie | |
| CVE-2015-2877 | Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x d ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-8660 | The XFS subsystem in the Linux kernel through 4.8.2 allows local users ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-10723 | An issue was discovered in the Linux kernel through 4.17.2. Since the ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-0630 | An information disclosure vulnerability in the kernel trace subsystem ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-13693 | The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils. ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-13694 | The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobje ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-1121 | procps-ng, procps is vulnerable to a process hiding through race condi ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-17977 | The Linux kernel 4.14.67 mishandles certain interaction among XFRM Net ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-11191 | The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and i ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-12378 | An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-12379 | An issue was discovered in con_insert_unipair in drivers/tty/vt/consol ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-12380 | **DISPUTED** An issue was discovered in the efi subsystem in the Linux ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-12381 | An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-12382 | An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/d ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-12455 | An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/c ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-12456 | An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-16229 | drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-16230 | drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 doe ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-16231 | drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-16232 | drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5. ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-16233 | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not chec ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-16234 | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5. ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-19070 | A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-19378 | In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-11725 | snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5 ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-35501 | A flaw was found in the Linux kernels implementation of audit rules, w ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-3714 | A flaw was found in the Linux kernels memory deduplication mechanism. ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-26934 | An issue was discovered in the Linux kernel 4.18 through 5.10.16, as u ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-32078 | An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/perso ... | bullseye | |
| CVE-2022-0400 | An out-of-bounds read vulnerability was discovered in linux kernel in ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-1247 | An issue found in linux-kernel that leads to a race condition in rose_ ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-2961 | A use-after-free flaw was found in the Linux kernel\u2019s PLP Rose fu ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-3238 | A double-free flaw was found in the Linux kernel\u2019s NTFS3 subsyste ... | bookworm, sid, trixie | |
| CVE-2022-4543 | A flaw named "EntryBleed" was found in the Linux Kernel Page Table Iso ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-25265 | In the Linux kernel through 5.16.10, certain binary files may have the ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-41848 | drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-44032 | An issue was discovered in the Linux kernel through 6.0.6. drivers/cha ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-44033 | An issue was discovered in the Linux kernel through 6.0.6. drivers/cha ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-44034 | An issue was discovered in the Linux kernel through 6.0.6. drivers/cha ... | bookworm, bullseye | |
| CVE-2022-45884 | An issue was discovered in the Linux kernel through 6.0.9. drivers/med ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-45885 | An issue was discovered in the Linux kernel through 6.0.9. drivers/med ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-3640 | A possible unauthorized memory access flaw was found in the Linux kern ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-4134 | A use-after-free vulnerability was found in the cyttsp4_core driver in ... | bookworm, bullseye | |
| CVE-2023-6610 | An out-of-bounds read vulnerability was found in smb2_dump_detail in f ... | bullseye | |
| CVE-2023-22995 | In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_regis ... | bullseye | |
| CVE-2023-23000 | In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles t ... | bullseye | |
| CVE-2023-23003 | In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check ... | bullseye | |
| CVE-2023-23039 | An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-26242 | afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31081 | An issue was discovered in drivers/media/test-drivers/vidtv/vidtv_brid ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31085 | An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-39191 | An improper input validation flaw was found in the eBPF subsystem in t ... | bookworm | |
| CVE-2024-0564 | A flaw was found in the Linux kernel's memory deduplication mechanism. ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-40918 | In the Linux kernel, the following vulnerability has been resolved: p ... | bookworm, bullseye | |
| TEMP-0000000-F7A20F | Kernel: Unprivileged user can freeze journald | bookworm, bullseye, sid, trixie | |
| linuxptp | CVE-2024-42861 | An issue in IEEE 802.1AS linuxptp v.4.2 and before allowing a remote a ... | bookworm, bullseye, sid, trixie |
| llvm-toolchain-13 | CVE-2023-29932 | llvm-project commit fdbc55a5 was discovered to contain a segmentation ... | bookworm, bullseye |
| CVE-2023-29933 | llvm-project commit bd456297 was discovered to contain a segmentation ... | bookworm, bullseye | |
| CVE-2023-29934 | llvm-project commit 6c01b5c was discovered to contain a segmentation f ... | bookworm, bullseye | |
| CVE-2023-29935 | llvm-project commit a0138390 was discovered to contain an assertion fa ... | bookworm, bullseye | |
| CVE-2023-29939 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm, bullseye | |
| CVE-2023-29941 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm, bullseye | |
| CVE-2023-29942 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm, bullseye | |
| llvm-toolchain-14 | CVE-2023-26924 | LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockReg ... | bookworm, sid |
| CVE-2023-29932 | llvm-project commit fdbc55a5 was discovered to contain a segmentation ... | bookworm | |
| CVE-2023-29933 | llvm-project commit bd456297 was discovered to contain a segmentation ... | bookworm, sid | |
| CVE-2023-29934 | llvm-project commit 6c01b5c was discovered to contain a segmentation f ... | bookworm | |
| CVE-2023-29935 | llvm-project commit a0138390 was discovered to contain an assertion fa ... | bookworm, sid | |
| CVE-2023-29939 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm | |
| CVE-2023-29941 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm, sid | |
| CVE-2023-29942 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm, sid | |
| CVE-2024-31852 | LLVM before 18.1.3 generates code in which the LR register can be over ... | bookworm, sid | |
| llvm-toolchain-15 | CVE-2023-26924 | LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockReg ... | bookworm |
| CVE-2023-29932 | llvm-project commit fdbc55a5 was discovered to contain a segmentation ... | bookworm | |
| CVE-2023-29933 | llvm-project commit bd456297 was discovered to contain a segmentation ... | bookworm | |
| CVE-2023-29934 | llvm-project commit 6c01b5c was discovered to contain a segmentation f ... | bookworm | |
| CVE-2023-29935 | llvm-project commit a0138390 was discovered to contain an assertion fa ... | bookworm | |
| CVE-2023-29939 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm | |
| CVE-2023-29941 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm | |
| CVE-2023-29942 | llvm-project commit a0138390 was discovered to contain a segmentation ... | bookworm | |
| CVE-2024-31852 | LLVM before 18.1.3 generates code in which the LR register can be over ... | bookworm, bookworm, bullseye, sid, trixie | |
| log4cxx | CVE-2023-31038 | SQL injection in Log4cxx when using the ODBC appender to send log mess ... | bookworm, bullseye |
| loguru | CVE-2022-0338 | Insertion of Sensitive Information into Log File in Conda loguru prior ... | bookworm, sid, trixie |
| lrzip | CVE-2019-10654 | The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in ... | bookworm, bullseye, sid, trixie |
| CVE-2021-33451 | An issue was discovered in lrzip version 0.641. There are memory leaks ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33453 | An issue was discovered in lrzip version 0.641. There is a use-after-f ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-33067 | Lrzip v0.651 was discovered to contain multiple invalid arithmetic shi ... | bookworm, bullseye, sid, trixie | |
| lua-cgi | CVE-2014-2875 | The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses wea ... | bookworm, bullseye, sid, trixie |
| luajit | CVE-2019-19391 | In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other pro ... | bullseye |
| CVE-2020-15890 | LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc hand ... | bullseye | |
| CVE-2020-24372 | LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in ... | bookworm, bullseye, sid, trixie | |
| lucene-solr | CVE-2017-3164 | Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (in ... | bookworm, bullseye, sid, trixie |
| CVE-2019-17558 | Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code ... | bookworm, bullseye, sid, trixie | |
| lxc-templates | CVE-2017-18641 | In LXC 2.0, many template scripts download code over cleartext HTTP, a ... | bookworm, bullseye, sid, trixie |
| m2crypto | CVE-2009-0127 | M2Crypto does not properly check the return value from the OpenSSL EVP ... | bookworm, bullseye, sid, trixie |
| m4 | CVE-2008-1687 | The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1. ... | bookworm, bullseye, sid, trixie |
| CVE-2008-1688 | Unspecified vulnerability in GNU m4 before 1.4.11 might allow context- ... | bookworm, bullseye, sid, trixie | |
| maildirsync | CVE-2008-5150 | sample.sh in maildirsync 1.1 allows local users to append data to arbi ... | bookworm, bullseye, sid, trixie |
| man2html | CVE-2021-40648 | In man2html 1.6g, a filename can be created to overwrite the previous ... | bookworm, bullseye, sid, trixie |
| mapcache | CVE-2019-20005 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie |
| CVE-2019-20006 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-20007 | An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-20198 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-20199 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-20200 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-20201 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_ ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-20202 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-26220 | The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to O ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-26221 | The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-26222 | The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-30485 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-31229 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-31347 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-31348 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-31598 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-30045 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| matanza | CVE-2009-3560 | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ... | bookworm, bullseye, sid, trixie |
| CVE-2009-3720 | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ... | bookworm, bullseye, sid, trixie | |
| mathtex | CVE-2023-51890 | An infinite loop issue discovered in Mathtex 1.05 and before allows a ... | bookworm, bullseye |
| maxima | CVE-2024-34490 | In Maxima through 5.47.0 before 51704c, the plotting facilities make u ... | bookworm, bullseye |
| mbedtls | CVE-2018-1000520 | ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows In ... | bookworm, bullseye, sid, trixie |
| CVE-2023-43615 | Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow. | bookworm, bullseye, sid, trixie | |
| CVE-2024-45157 | An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1 ... | bookworm, bullseye, sid, trixie | |
| mc | CVE-2023-45925 | GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain ... | bookworm, bullseye, sid, trixie |
| mcollective | CVE-2014-0175 | mcollective has a default password set at install | bookworm, bullseye |
| mdadm | CVE-2023-28938 | Uncontrolled resource consumption in some Intel(R) SSD Tools software ... | bullseye |
| mediaelement | CVE-2016-4567 | Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as ... | bookworm, bullseye, sid, trixie |
| mesa | CVE-2023-45913 | Mesa v23.0.4 was discovered to contain a NULL pointer dereference via ... | bookworm, bullseye, sid, trixie |
| CVE-2023-45919 | Mesa 23.0.4 was discovered to contain a buffer over-read in glXQuerySe ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-45922 | glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-45931 | Mesa 23.0.4 was discovered to contain a NULL pointer dereference in ch ... | bookworm, bullseye, sid, trixie | |
| metview | CVE-2017-17515 | etc/ObjectList in Metview 4.7.3 does not validate strings before launc ... | bookworm, bullseye, sid, trixie |
| mh-book | CVE-2008-5152 | inmail-show in mh-book 200605 allows local users to overwrite arbitrar ... | bookworm, bullseye, sid, trixie |
| midori | CVE-2012-2132 | libsoup 2.32.2 and earlier does not validate certificates or clear the ... | bullseye |
| CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... | bullseye | |
| milkytracker | CVE-2022-34927 | MilkyTracker v1.03.00 was discovered to contain a stack overflow via t ... | bookworm, bullseye |
| mingw-w64 | CVE-2018-5392 | mingw-w64 version 5.0.4 by default produces executables that opt in to ... | bookworm, bullseye, sid, trixie |
| mini-httpd | CVE-2009-4490 | mini_httpd 1.19 writes data to a log file without sanitizing non-print ... | bookworm, bullseye, sid, trixie |
| CVE-2017-17663 | The htpasswd implementation of mini_httpd before v1.28 and of thttpd b ... | bookworm, bullseye, sid, trixie | |
| minidjvu | CVE-2017-12441 | The row_is_empty function in base/4bitmap.c:274 in minidjvu 0.8 can ca ... | bookworm, bullseye, sid, trixie |
| CVE-2017-12442 | The row_is_empty function in base/4bitmap.c:272 in minidjvu 0.8 can ca ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-12443 | The mdjvu_bitmap_pack_row function in base/4bitmap.c in minidjvu 0.8 c ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-12444 | The mdjvu_bitmap_get_bounding_box function in base/4bitmap.c in minidj ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-12445 | The JB2BitmapCoder::code_row_by_refinement function in jb2/bmpcoder.cp ... | bookworm, bullseye, sid, trixie | |
| minidlna | CVE-2023-47430 | Stack-buffer-overflow vulnerability in ReadyMedia (MiniDLNA) v1.3.3 al ... | bookworm, bullseye, sid, trixie |
| CVE-2024-51442 | Command Injection in Minidlna version v1.3.3 and before allows an atta ... | bookworm, bullseye, sid, trixie | |
| minizinc | CVE-2023-46046 | An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference vi ... | bookworm, bullseye |
| modsecurity-crs | CVE-2019-11388 | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... | bookworm, bullseye, sid, trixie |
| CVE-2019-11389 | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-11390 | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-11391 | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... | bookworm, bullseye, sid, trixie | |
| mojarra | CVE-2010-2087 | Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application ... | bookworm, bullseye, sid, trixie |
| monitoring-plugins | CVE-2023-37154 | check_by_ssh in Nagios nagios-plugins 2.4.5 allows arbitrary command e ... | bookworm, bullseye, sid, trixie |
| monopd | CVE-2015-0841 | Off-by-one error in the readBuf function in listener.cpp in libcapsine ... | bookworm, bullseye, sid, trixie |
| mootools | CVE-2021-32821 | MooTools is a collection of JavaScript utilities for JavaScript develo ... | bookworm, bullseye, sid, trixie |
| mp3splt | CVE-2017-5665 | The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allo ... | bookworm, bullseye, sid, trixie |
| CVE-2017-5666 | The free_options function in options_manager.c in mp3splt 2.6.2 allows ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-5851 | The free_options function in options_manager.c in mp3splt 2.6.2 allows ... | bookworm, bullseye, sid, trixie | |
| mplayer | CVE-2022-38600 | Mplayer SVN-r38374-13.0.1 is vulnerable to Memory Leak via vf.c and vf ... | bullseye |
| CVE-2022-38853 | Certain The MPlayer Project products are vulnerable to Buffer Overflow ... | bullseye | |
| CVE-2022-38856 | Certain The MPlayer Project products are vulnerable to Buffer Overflow ... | bullseye | |
| mupdf | CVE-2020-26683 | A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Softw ... | bullseye |
| CVE-2021-4216 | A Floating point exception (division-by-zero) flaw was found in Mupdf ... | bullseye | |
| CVE-2023-31794 | MuPDF v1.21.1 was discovered to contain an infinite recursion in the c ... | bookworm, bullseye | |
| CVE-2023-51103 | A floating point exception (divide-by-zero) vulnerability was discover ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-51104 | A floating point exception (divide-by-zero) vulnerability was discover ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-51105 | A floating point exception (divide-by-zero) vulnerability was discover ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-51106 | A floating point exception (divide-by-zero) vulnerability was discover ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-51107 | A floating point exception (divide-by-zero) vulnerability was discover ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-46657 | Artifex Software mupdf v1.24.9 was discovered to contain a segmentatio ... | bookworm, bullseye | |
| musescore2 | CVE-2023-44428 | MuseScore CAP File Parsing Heap-based Buffer Overflow Remote Code Exec ... | bookworm, bullseye |
| CVE-2024-44866 | A buffer overflow in the GuitarPro1::read function of MuseScore Studio ... | bookworm, bullseye | |
| musescore3 | CVE-2023-26923 | Musescore 3.0 to 4.0.1 has a stack buffer overflow vulnerability that ... | bookworm, bullseye |
| CVE-2023-44428 | MuseScore CAP File Parsing Heap-based Buffer Overflow Remote Code Exec ... | bookworm, bullseye | |
| CVE-2024-44866 | A buffer overflow in the GuitarPro1::read function of MuseScore Studio ... | bookworm, bullseye | |
| mustache.js | CVE-2015-8861 | The handlebars package before 4.0.0 for Node.js allows remote attacker ... | bookworm, bullseye, sid, trixie |
| CVE-2015-8862 | mustache package before 2.2.1 for Node.js allows remote attackers to c ... | bookworm, bullseye, sid, trixie | |
| TEMP-0000000-137F0A | quoteless attributes in templates can lead to content injection | bookworm, bullseye, sid, trixie | |
| mutt | CVE-2007-1268 | Mutt 1.5.13 and earlier does not properly use the --status-fd argument ... | bookworm, bullseye, sid, trixie |
| CVE-2024-49393 | In neomutt and mutt, the To and Cc email headers are not validated by ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-49394 | In mutt and neomutt the In-Reply-To email header field is not protecte ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-49395 | In mutt and neomutt, PGP encryption does not use the --hidden-recipien ... | bookworm, bullseye, sid, trixie | |
| mxml | CVE-2018-20005 | An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after ... | bookworm, bullseye, sid, trixie |
| mycli | CVE-2023-44690 | Inadequate encryption strength in mycli 1.27.0 allows attackers to vie ... | bookworm, bullseye, sid, trixie |
| nacl | CVE-2015-0565 | NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks ... | bookworm, bullseye, sid, trixie |
| nagios4 | CVE-2020-35269 | Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross ... | bookworm, bullseye, sid, trixie |
| nasm | CVE-2018-19213 | Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may le ... | bookworm, bullseye, sid, trixie |
| CVE-2018-20538 | There is a use-after-free at asm/preproc.c (function pp_getline) in Ne ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-1000886 | nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-6290 | An infinite recursion issue was discovered in eval.c in Netwide Assemb ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-6291 | An issue was discovered in the function expr6 in eval.c in Netwide Ass ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-8343 | In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in past ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-20334 | In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-18974 | Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-21528 | A Segmentation Fault issue discovered in in ieee_segment function in o ... | bullseye | |
| CVE-2021-33450 | An issue was discovered in NASM version 2.16rc0. There are memory leak ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33452 | An issue was discovered in NASM version 2.16rc0. There are memory leak ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-45256 | A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via a ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-45257 | An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_t ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-29654 | Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm ... | bullseye | |
| CVE-2022-41420 | nasm v2.16 was discovered to contain a stack overflow in the Ndisasm c ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-44368 | NASM v2.16 was discovered to contain a null pointer deference in the N ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-44369 | NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-44370 | NASM v2.16 was discovered to contain a heap buffer overflow in the com ... | bullseye | |
| CVE-2022-46456 | NASM v2.16 was discovered to contain a global buffer overflow in the c ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-46457 | NASM v2.16 was discovered to contain a segmentation violation in the c ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31722 | There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-38665 | Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows att ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-38667 | Stack-based buffer over-read in function disasm in nasm 2.16 allows at ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-38668 | Stack-based buffer over-read in disasm in nasm 2.16 allows attackers t ... | bookworm, bullseye, sid, trixie | |
| nautilus | CVE-2022-37290 | GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename ... | bullseye |
| neomutt | CVE-2024-49393 | In neomutt and mutt, the To and Cc email headers are not validated by ... | bookworm, bullseye |
| CVE-2024-49394 | In mutt and neomutt the In-Reply-To email header field is not protecte ... | bookworm, bullseye | |
| CVE-2024-49395 | In mutt and neomutt, PGP encryption does not use the --hidden-recipien ... | bookworm, bullseye, sid, trixie | |
| net-tools | CVE-2002-1976 | ifconfig, when used on the Linux kernel 2.2 and later, does not report ... | bookworm, bullseye, sid, trixie |
| netdata | CVE-2019-9834 | The Netdata web application through 1.13.0 allows remote attackers to ... | bookworm, bullseye, sid |
| netty | CVE-2022-24823 | Netty is an open-source, asynchronous event-driven network application ... | bookworm, bullseye, sid, trixie |
| network-manager-applet | CVE-2017-6590 | An issue was discovered in network-manager-applet (aka network-manager ... | bookworm, bullseye, sid, trixie |
| networkd-dispatcher | CVE-2022-29799 | A vulnerability was found in networkd-dispatcher. This flaw exists bec ... | bullseye |
| CVE-2022-29800 | A time-of-check-time-of-use (TOCTOU) race condition vulnerability was ... | bullseye | |
| newlib | CVE-2024-30949 | An issue in newlib v.4.3.0 allows an attacker to execute arbitrary cod ... | bookworm, bullseye |
| nginx | CVE-2009-4487 | nginx 0.7.64 writes data to a log file without sanitizing non-printabl ... | bookworm, bullseye, sid, trixie |
| CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consum ... | bookworm, bullseye | |
| nip2 | CVE-2017-17514 | boxes.c in nip2 8.4.0 does not validate strings before launching the p ... | bookworm, bullseye, sid, trixie |
| nmap | CVE-2018-15173 | Nmap through 7.70, when the -sV option is used, allows remote attacker ... | bookworm, bullseye, sid, trixie |
| nodau | CVE-2022-4399 | A vulnerability was found in TicklishHoneyBee nodau. It has been rated ... | bullseye |
| node-dompurify | CVE-2025-48050 | In DOMPurify through 3.2.5 before 6bc6d60, scripts/server.js does not ... | bookworm, sid, trixie |
| node-ejs | CVE-2023-29827 | ejs v3.1.9 is vulnerable to server-side template injection. If the ejs ... | bookworm, bullseye, sid, trixie |
| node-formidable | CVE-2022-29622 | An arbitrary file upload vulnerability in formidable v3.1.4 allows att ... | bullseye |
| nova | CVE-2013-0326 | OpenStack nova base images permissions are world readable | bookworm, bullseye, sid, trixie |
| nss | CVE-2017-11695 | Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/h ... | bookworm, bullseye, sid, trixie |
| CVE-2017-11696 | Heap-based buffer overflow in the __hash_open function in lib/dbm/src/ ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-11697 | The __hash_open function in hash.c:229 in Mozilla Network Security Ser ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-11698 | Heap-based buffer overflow in the __get_page function in lib/dbm/src/h ... | bookworm, bullseye, sid, trixie | |
| ntopng | CVE-2024-53426 | A heap-buffer-overflow vulnerability has been identified in ntopng 6.2 ... | sid |
| ntp | CVE-2018-12327 | Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 ... | bullseye |
| CVE-2023-26551 | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ... | bullseye | |
| CVE-2023-26552 | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ... | bullseye | |
| CVE-2023-26553 | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ... | bullseye | |
| CVE-2023-26554 | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ... | bullseye | |
| numpy | CVE-2021-34141 | An incomplete string comparison in the numpy.core component in NumPy b ... | bookworm, bullseye, sid, trixie |
| CVE-2021-41495 | Null Pointer Dereference vulnerability exists in numpy.sort in NumPy & ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-41496 | Buffer overflow in the array_from_pyobj function of fortranobject.c in ... | bookworm, bullseye, sid, trixie | |
| nvidia-cg-toolkit | CVE-2008-5144 | nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local ... | bookworm, bullseye, sid, trixie |
| nvidia-cuda-toolkit | CVE-2023-0193 | NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a ... | bookworm, bullseye |
| CVE-2023-0196 | NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local use ... | bookworm, bullseye | |
| CVE-2023-25510 | NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer ... | bookworm, bullseye | |
| CVE-2023-25511 | NVIDIA CUDA Toolkit for Linux and Windows contains a vulnerability in ... | bookworm, bullseye | |
| CVE-2023-25512 | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ... | bookworm, bullseye | |
| CVE-2023-25513 | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ... | bookworm, bullseye | |
| CVE-2023-25514 | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ... | bookworm, bullseye | |
| CVE-2023-25523 | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ... | bookworm, bullseye | |
| CVE-2024-0125 | NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-53870 | NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-53871 | NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-53872 | NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-53874 | NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-53875 | NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-53876 | NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-53877 | NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-53878 | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-53879 | NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ... | bookworm, bullseye, sid, trixie | |
| ocaml-batteries | CVE-2017-17519 | batteriesConfig.mlp in OCaml Batteries Included (aka ocaml-batteries) ... | bookworm, bullseye, sid, trixie |
| ocsinventory-server | CVE-2014-4722 | Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports ... | bookworm, bullseye, sid |
| CVE-2018-15537 | Unrestricted file upload (with remote code execution) in OCS Inventory ... | bullseye | |
| CVE-2023-3726 | OCSInventory allow stored email template with special characters that ... | bookworm, bullseye, sid | |
| oggvideotools | CVE-2020-21723 | A Segmentation Fault issue discovered StreamSerializer::extractStreams ... | bookworm, bullseye, sid, trixie |
| ompl | CVE-2021-41490 | Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavi ... | bookworm, bullseye, sid, trixie |
| CVE-2021-42218 | OMPL v1.5.2 contains a memory leak in VFRRT.cpp | bookworm, bullseye, sid, trixie | |
| onionshare | CVE-2022-21694 | OnionShare is an open source tool that lets you securely and anonymous ... | bullseye |
| openconnect | CVE-2020-12105 | OpenConnect through 8.08 mishandles negative return values from X509_c ... | bookworm, bullseye, sid, trixie |
| opendkim | CVE-2020-35766 | The test suite in libopendkim in OpenDKIM through 2.10.3 allows local ... | bookworm, bullseye, sid, trixie |
| openexr | CVE-2017-14988 | Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remot ... | bookworm, bullseye, sid, trixie |
| CVE-2021-26945 | An integer overflow leading to a heap-buffer overflow was found in Ope ... | bullseye | |
| openjpeg2 | CVE-2016-9113 | There is a NULL pointer dereference in function imagetobmp of convertb ... | bookworm, bullseye, sid, trixie |
| CVE-2016-9114 | There is a NULL Pointer Access in function imagetopnm of convert.c:194 ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-9115 | Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-9116 | NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in O ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-9117 | NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in O ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-9580 | An integer overflow vulnerability was found in tiftoimage function in ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-9581 | An infinite loop vulnerability in tiftoimage that results in heap buff ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-10505 | NULL pointer dereference vulnerabilities in the imagetopnm function in ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-17479 | In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-16375 | An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_i ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-16376 | An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflo ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-20846 | Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi ... | bookworm, bullseye, sid, trixie | |
| openldap | CVE-2015-3276 | The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDA ... | bookworm, bullseye, sid, trixie |
| CVE-2017-14159 | slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-17740 | contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when bot ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-15719 | libldap in certain third-party OpenLDAP packages has a certificate-val ... | bookworm, bullseye, sid, trixie | |
| openscad | CVE-2022-0496 | A vulnerbiility was found in Openscad, where a DXF-format drawing with ... | bullseye |
| CVE-2022-0497 | A vulnerbiility was found in Openscad, where a .scad file with no trai ... | bullseye | |
| openssh | CVE-2007-2243 | OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabl ... | bookworm, bullseye, sid, trixie |
| CVE-2007-2768 | OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, a ... | bookworm, bullseye, sid, trixie | |
| CVE-2008-3234 | sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapsh ... | bookworm, bullseye, sid, trixie | |
| CVE-2016-20012 | OpenSSH through 8.7 allows remote attackers, who have a suspicion that ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-15919 | Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 co ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-6110 | In OpenSSH 7.9, due to accepting and displaying arbitrary stderr outpu ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-14145 | The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepan ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-15778 | scp in OpenSSH through 8.3p1 allows command injection in the scp.c tor ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-36368 | An issue was discovered in OpenSSH before 8.9. If a client is using pu ... | bullseye | |
| CVE-2023-51767 | OpenSSH through 9.6, when common types of DRAM are used, might allow r ... | bookworm, bullseye, sid, trixie | |
| openstack-trove | CVE-2015-3156 | The _write_config function in trove/guestagent/datastore/experimental/ ... | bookworm, sid, trixie |
| openvpn | CVE-2006-2229 | OpenVPN 2.0.7 and earlier, when configured to use the --management opt ... | bookworm, bullseye, sid, trixie |
| CVE-2016-6329 | OpenVPN, when using a 64-bit block cipher, makes it easier for remote ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-7544 | A cross-protocol scripting issue was discovered in the management inte ... | bookworm, bullseye, sid, trixie | |
| optee-os | CVE-2021-36133 | The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access ... | sid, trixie |
| optipng | CVE-2023-43907 | OptiPNG v0.7.7 was discovered to contain a global buffer overflow via ... | bookworm, bullseye |
| os-prober | CVE-2008-5135 | os-prober in os-prober 1.17 allows local users to overwrite arbitrary ... | bookworm, bullseye, sid, trixie |
| otrs2 | CVE-2018-7567 | In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0. ... | bullseye |
| p7zip | CVE-2022-47069 | p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerabi ... | bookworm, bullseye, sid, trixie |
| CVE-2022-47111 | 7-Zip 22.01 does not report an error for certain invalid xz files, inv ... | bookworm, bullseye | |
| CVE-2022-47112 | 7-Zip 22.01 does not report an error for certain invalid xz files, inv ... | bookworm, bullseye | |
| CVE-2023-52169 | The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) conta ... | bookworm, bullseye | |
| CVE-2024-11612 | 7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vu ... | bookworm, bullseye | |
| packagekit | CVE-2022-0987 | A flaw was found in PackageKit in the way some of the methods exposed ... | bookworm, bullseye, sid, trixie |
| pam-pkcs11 | CVE-2025-24031 | PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificat ... | bookworm, bullseye, sid, trixie |
| pandas | CVE-2020-13091 | pandas through 1.0.3 can unserialize and execute commands from an untr ... | bookworm, bullseye, sid, trixie |
| passenger | CVE-2016-10345 | In Phusion Passenger before 5.1.0, a known /tmp filename was used duri ... | bullseye |
| password-store | CVE-2020-28086 | pass through 1.7.3 has a possibility of using a password for an uninte ... | bookworm, bullseye, sid, trixie |
| patch | CVE-2010-4651 | Directory traversal vulnerability in util.c in GNU patch 2.6.1 and ear ... | bookworm, bullseye, sid, trixie |
| CVE-2018-6951 | An issue was discovered in GNU patch through 2.7.6. There is a segment ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-6952 | A double free exists in the another_hunk function in pch.c in GNU patc ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-45261 | An Invalid Pointer vulnerability exists in GNU patch 2.7 via the anoth ... | bookworm, bullseye, sid, trixie | |
| patchelf | CVE-2022-44940 | Patchelf v0.9 was discovered to contain an out-of-bounds read via the ... | bookworm, bullseye, sid, trixie |
| pcf2bdf | CVE-2022-23318 | A heap-buffer-overflow in pcf2bdf, versions >= 1.05 allows an attacker ... | bullseye |
| CVE-2022-23319 | A segmentation fault during PCF file parsing in pcf2bdf versions >=1.0 ... | bullseye | |
| pcre2 | CVE-2022-41409 | Integer overflow vulnerability in pcre2test before 10.41 allows attack ... | bullseye |
| pcre3 | CVE-2017-7245 | Stack-based buffer overflow in the pcre32_copy_substring function in p ... | bookworm, bullseye |
| CVE-2017-7246 | Stack-based buffer overflow in the pcre32_copy_substring function in p ... | bookworm, bullseye | |
| CVE-2017-11164 | In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exe ... | bookworm, bullseye | |
| CVE-2017-16231 | In PCRE 8.41, after compiling, a pcretest load test PoC produces a cra ... | bookworm, bullseye | |
| CVE-2019-20838 | libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT w ... | bookworm, bullseye | |
| pdfresurrect | CVE-2021-3508 | A flaw was found in PDFResurrect in version 0.22b. There is an infinit ... | bullseye |
| percona-toolkit | CVE-2024-7701 | Use of Password Hash With Insufficient Computational Effort vulnerabil ... | bookworm, bullseye, sid, trixie |
| perl | CVE-2011-4116 | _is_safe in the File::Temp module for Perl does not properly handle sy ... | bookworm, bullseye, sid, trixie |
| CVE-2023-31486 | HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ... | bookworm, bullseye | |
| phabricator | CVE-2017-17536 | Phabricator before 2017-11-10 does not block the --config and --debugg ... | bookworm, bullseye, sid |
| php-getid3 | CVE-2021-40926 | Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in g ... | bullseye |
| php-gettext | TEMP-0000000-07A77D | php-gettext XSS | bookworm, bullseye, sid |
| php-horde | CVE-2019-12094 | Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin ... | bookworm, bullseye, sid |
| php-horde-trean | CVE-2019-12095 | Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 ... | bookworm, bullseye, sid |
| php-pear | CVE-2017-5630 | PECL in the download utility class in the Installer in PEAR Base Syste ... | bookworm, bullseye, sid, trixie |
| phpldapadmin | CVE-2018-12689 | phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id param ... | bookworm, sid, trixie |
| CVE-2024-9102 | phpLDAPadmin since at least version 1.2.0 through the latest version 1 ... | bookworm, sid, trixie | |
| phpmyadmin | CVE-2005-3622 | phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain t ... | bookworm, bullseye, sid, trixie |
| CVE-2007-4306 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10 ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-11441 | phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astrin ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-0813 | PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially ... | bullseye | |
| CVE-2022-23807 | An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before ... | bullseye | |
| CVE-2022-23808 | An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker ca ... | bullseye | |
| picolibc | CVE-2019-14876 | In the __lshift function of the newlib libc library, all versions prio ... | bookworm, bullseye, sid, trixie |
| pidgin | CVE-2008-2956 | Memory leak in Pidgin 2.0.0, and possibly other versions, allows remot ... | bookworm, bullseye, sid, trixie |
| CVE-2012-1257 | Pidgin 2.10.0 uses DBUS for certain cleartext communication, which all ... | bookworm, bullseye, sid, trixie | |
| pipewire | CVE-2022-4964 | Ubuntu's pipewire-pulse in snap grants microphone access even when the ... | bookworm, bullseye |
| pixman | CVE-2023-37769 | stress-test master commit e4c878 was discovered to contain a FPE vulne ... | bookworm, bullseye, sid, trixie |
| poppler | CVE-2013-4472 | The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 a ... | bookworm, bullseye, sid, trixie |
| CVE-2017-2814 | An exploitable heap overflow vulnerability exists in the image renderi ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-2818 | An exploitable heap overflow vulnerability exists in the image renderi ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-2820 | An exploitable integer overflow vulnerability exists in the JPEG 2000 ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-9083 | poppler 0.54.0, as used in Evince and other products, has a NULL point ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-24106 | In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-6239 | A flaw was found in the Poppler's Pdfinfo utility. This issue occurs w ... | bookworm, bullseye | |
| ppp | CVE-2008-5366 | The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local u ... | bookworm, bullseye, sid, trixie |
| CVE-2008-5367 | ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to o ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-4603 | A vulnerability classified as problematic has been found in ppp. Affec ... | bookworm, bullseye | |
| proftpd-dfsg | CVE-2024-57392 | Buffer Overflow vulnerability in Proftpd commit 4017eff8 allows a remo ... | bookworm |
| prometheus-alertmanager | CVE-2023-40577 | Alertmanager handles alerts sent by client applications such as the Pr ... | bookworm, bullseye |
| prometheus-blackbox-exporter | CVE-2020-16248 | Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF ... | bookworm, bullseye, sid, trixie |
| CVE-2023-26735 | blackbox_exporter v0.23.0 was discovered to contain an access control ... | bookworm, bullseye, sid, trixie | |
| protobuf | CVE-2015-5237 | protobuf allows remote authenticated attackers to cause a heap-based b ... | bookworm, bullseye, sid, trixie |
| pspp | CVE-2025-47229 | libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a d ... | bookworm, bullseye, sid, trixie |
| CVE-2025-47816 | libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an ... | bookworm, bullseye, sid, trixie | |
| puppet | CVE-2020-7942 | Previously, Puppet operated on a model that a node with a valid certif ... | bullseye |
| pure-ftpd | CVE-2024-48208 | pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an ... | bookworm, bullseye, sid, trixie |
| pwgen | CVE-2013-4441 | The Phonemes mode in Pwgen 2.06 generates predictable passwords, which ... | bookworm, bullseye, sid, trixie |
| py-lmdb | CVE-2019-16224 | An issue was discovered in py-lmdb 0.97. For certain values of md_flag ... | bookworm, bullseye, sid, trixie |
| CVE-2019-16225 | An issue was discovered in py-lmdb 0.97. For certain values of mp_flag ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-16226 | An issue was discovered in py-lmdb 0.97. mdb_node_del does not validat ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-16227 | An issue was discovered in py-lmdb 0.97. For certain values of mn_flag ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-16228 | An issue was discovered in py-lmdb 0.97. There is a divide-by-zero err ... | bookworm, bullseye, sid, trixie | |
| pyrad | CVE-2013-0342 | The CreateID function in packet.py in pyrad before 2.1 uses sequential ... | bookworm, bullseye, sid, trixie |
| python-certifi | CVE-2022-23491 | Certifi is a curated collection of Root Certificates for validating th ... | bookworm, bullseye |
| CVE-2023-37920 | Certifi is a curated collection of Root Certificates for validating th ... | bookworm, bullseye | |
| CVE-2024-39689 | Certifi is a curated collection of Root Certificates for validating th ... | bookworm, bullseye | |
| python-defaults | CVE-2008-4108 | Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) i ... | bullseye |
| python-django-celery-results | CVE-2020-17495 | django-celery-results through 1.2.1 stores task results in the databas ... | bookworm, bullseye, sid, trixie |
| python-djangorestframework-simplejwt | CVE-2024-22513 | djangorestframework-simplejwt version 5.3.1 and before is vulnerable t ... | bookworm, sid, trixie |
| python-ecdsa | CVE-2024-23342 | The `ecdsa` PyPI package is a pure Python implementation of ECC (Ellip ... | bookworm, bullseye, sid, trixie |
| python-mkdocs | CVE-2021-40978 | The mkdocs 1.2.2 built-in dev-server allows directory traversal using ... | bookworm, bullseye, sid, trixie |
| python-oslo.privsep | CVE-2022-38065 | A privilege escalation vulnerability exists in the oslo.privsep functi ... | bookworm, bullseye, sid, trixie |
| python-pip | CVE-2018-20225 | An issue was discovered in pip (all versions) because it installs the ... | bookworm, bullseye, sid, trixie |
| python-py | CVE-2022-42969 | The py library through 1.11.0 for Python allows remote attackers to co ... | bookworm, bullseye, sid, trixie |
| python-pysaml2 | CVE-2016-10127 | PySAML2 allows remote attackers to conduct XML external entity (XXE) a ... | bookworm, bullseye, sid, trixie |
| python-rsa | CVE-2020-25658 | It was found that python-rsa is vulnerable to Bleichenbacher timing at ... | bookworm, bullseye, sid, trixie |
| python-scrapy | CVE-2017-14158 | Scrapy 1.4 allows remote attackers to cause a denial of service (memor ... | bookworm, bullseye, sid, trixie |
| python2.7 | CVE-2013-7040 | Python 2.7 before 3.4 only uses the last eight bits of the prefix to r ... | bullseye |
| CVE-2017-17522 | Lib/webbrowser.py in Python through 3.6.3 does not validate strings be ... | bullseye | |
| CVE-2019-9674 | Lib/zipfile.py in Python through 3.7.2 allows remote attackers to caus ... | bullseye | |
| CVE-2020-27619 | In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK ... | bullseye | |
| CVE-2021-28861 | Python 3.x through 3.10 has an open redirection vulnerability in lib/h ... | bullseye | |
| python3.9 | CVE-2022-37454 | The Keccak XKCP SHA-3 reference implementation before fdc6fef has an i ... | bullseye |
| pytorch | CVE-2024-48063 | In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: th ... | bookworm, bullseye, sid, trixie |
| qbittorrent | CVE-2023-30801 | All versions of the qBittorrent client through 4.5.5 use default crede ... | bookworm, bullseye, sid, trixie |
| qemu | CVE-2019-12247 | QEMU 3.0.0 has an Integer Overflow because the qga/commands*.c files d ... | bookworm, bullseye, sid, trixie |
| CVE-2019-12928 | The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerabl ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-12929 | The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS co ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-24352 | An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-35414 | softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized r ... | bullseye | |
| CVE-2022-36648 | The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device ... | bookworm, bullseye, sid, trixie | |
| qt6-base | CVE-2023-45935 | Qt 6 through 6.6 was discovered to contain a NULL pointer dereference ... | bookworm, sid, trixie, bookworm, bullseye, sid, trixie, bookworm, bullseye, sid, trixie |
| qtbase-opensource-src-gles | CVE-2024-39936 | An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2. ... | bookworm, bullseye, sid, trixie |
| qtdeclarative-opensource-src | CVE-2022-40983 | An integer overflow vulnerability exists in the QML QtScript Reflect A ... | bookworm, bullseye, sid, trixie |
| CVE-2022-43591 | A buffer overflow vulnerability exists in the QML QtScript Reflect API ... | bookworm, bullseye, sid, trixie | |
| qtdeclarative-opensource-src-gles | CVE-2022-40983 | An integer overflow vulnerability exists in the QML QtScript Reflect A ... | bookworm, bullseye, sid, trixie |
| CVE-2022-43591 | A buffer overflow vulnerability exists in the QML QtScript Reflect API ... | bookworm, bullseye, sid, trixie | |
| r-base | CVE-2024-27322 | Deserialization of untrusted data can occur in the R statistical progr ... | bookworm, bullseye |
| r-cran-readxl | CVE-2021-27836 | An issue was discoverered in in function xls_getWorkSheet in xls.c in ... | bookworm, bullseye, sid, trixie |
| CVE-2023-38851 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-38852 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-38853 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-38854 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-38855 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-38856 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ... | bookworm, bullseye, sid, trixie | |
| rails | CVE-2010-3299 | The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to p ... | bookworm, bullseye, sid, trixie |
| CVE-2011-3187 | The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-17916 | SQL injection vulnerability in the 'find_by' method in Ruby on Rails 5 ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-17917 | SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1 ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-17919 | SQL injection vulnerability in the 'order' method in Ruby on Rails 5.1 ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-17920 | SQL injection vulnerability in the 'reorder' method in Ruby on Rails 5 ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-3704 | A vulnerability classified as problematic has been found in Ruby on Ra ... | bookworm, bullseye, sid, trixie | |
| rbdoom3bfg | CVE-2020-15007 | A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tec ... | bookworm, bullseye, sid, trixie |
| re2c | CVE-2018-21232 | re2c before 2.0 has uncontrolled recursion that causes stack consumpti ... | bookworm, bullseye, sid, trixie |
| CVE-2022-23901 | A stack overflow re2c 2.2 exists due to infinite recursion issues in s ... | bullseye | |
| recutils | CVE-2019-6455 | An issue was discovered in GNU Recutils 1.8. There is a double-free pr ... | bookworm, bullseye, sid |
| CVE-2019-6456 | An issue was discovered in GNU Recutils 1.8. There is a NULL pointer d ... | bookworm, bullseye, sid | |
| CVE-2019-6457 | An issue was discovered in GNU Recutils 1.8. There is a memory leak in ... | bookworm, bullseye, sid | |
| CVE-2019-6458 | An issue was discovered in GNU Recutils 1.8. There is a memory leak in ... | bookworm, bullseye, sid | |
| CVE-2019-6459 | An issue was discovered in GNU Recutils 1.8. There is a memory leak in ... | bookworm, bullseye, sid | |
| CVE-2019-6460 | An issue was discovered in GNU Recutils 1.8. There is a NULL pointer d ... | bookworm, bullseye, sid | |
| CVE-2019-11637 | An issue was discovered in GNU recutils 1.8. There is a NULL pointer d ... | bookworm, bullseye, sid | |
| CVE-2019-11638 | An issue was discovered in GNU recutils 1.8. There is a NULL pointer d ... | bookworm, bullseye, sid | |
| CVE-2019-11639 | An issue was discovered in GNU recutils 1.8. There is a stack-based bu ... | bookworm, bullseye, sid | |
| CVE-2019-11640 | An issue was discovered in GNU recutils 1.8. There is a heap-based buf ... | bookworm, bullseye, sid | |
| CVE-2021-46019 | An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GN ... | bookworm, bullseye, sid | |
| CVE-2021-46021 | An Use-After-Free vulnerability in rec_record_destroy() at rec-record. ... | bookworm, bullseye, sid | |
| CVE-2021-46022 | An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset ... | bookworm, bullseye, sid | |
| redis | CVE-2020-21468 | A segmentation fault in the redis-server component of Redis 5.0.7 lead ... | bookworm, bullseye, sid, trixie |
| CVE-2022-3647 | ** DISPUTED ** A vulnerability, which was classified as problematic, w ... | bookworm, bullseye, sid, trixie | |
| retroarch | CVE-2020-23914 | An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer ... | bookworm, bullseye, sid, trixie |
| CVE-2020-23915 | An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ... | bookworm, bullseye, sid, trixie | |
| rhythmbox | CVE-2008-7185 | GNOME Rhythmbox 0.11.5 allows remote attackers to cause a denial of se ... | bookworm, bullseye, sid, trixie |
| ring | CVE-2022-24786 | PJSIP is a free and open source multimedia communication library writt ... | bullseye |
| CVE-2022-24792 | PJSIP is a free and open source multimedia communication library writt ... | bullseye | |
| CVE-2023-38703 | PJSIP is a free and open source multimedia communication library writt ... | bookworm, bullseye | |
| roundcube | CVE-2024-57004 | Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail 1.6.9 al ... | bookworm, bullseye, sid, trixie |
| rpm | CVE-2010-2198 | lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadat ... | bookworm, bullseye, sid, trixie |
| CVE-2010-2199 | lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadat ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-7500 | It was found that rpm did not properly handle RPM installations when a ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-7501 | It was found that versions of rpm before 4.13.0.2 use temporary files ... | bookworm, bullseye, sid, trixie | |
| rsyslog | CVE-2015-3243 | rsyslog uses weak permissions for generating log files, which allows l ... | bookworm, bullseye, sid, trixie |
| rtv | CVE-2017-17516 | scripts/inspect_webbrowser.py in Reddit Terminal Viewer (RTV) 1.19.0 d ... | bookworm, bullseye |
| ruamel.yaml | CVE-2019-20478 | In ruamel.yaml through 0.16.7, the load method allows remote code exec ... | bookworm, bullseye, sid, trixie |
| ruby-handlebars-assets | TEMP-0000000-345A3B | handlebars: quoteless attributes in templates can lead to content injection | bookworm, bullseye |
| ruby-nokogiri | CVE-2022-29181 | Nokogiri is an open source XML and HTML library for Ruby. Nokogiri pri ... | bullseye |
| ruby-oauth | CVE-2016-11086 | lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby doe ... | bookworm, bullseye, sid, trixie |
| rust-failure | CVE-2020-25575 | An issue was discovered in the failure crate through 0.1.5 for Rust. I ... | bookworm, bullseye |
| rustc | CVE-2021-42574 | An issue was discovered in the Bidirectional Algorithm in the Unicode ... | bullseye |
| samba | CVE-2020-27840 | A flaw was found in samba. Spaces used in a string around a domain nam ... | bullseye |
| CVE-2021-20277 | A flaw was found in Samba's libldb. Multiple, consecutive leading spac ... | bullseye | |
| sane-backends | CVE-2023-46047 | An issue in Sane 1.2.1 allows a local attacker to execute arbitrary co ... | bookworm, bullseye, sid, trixie |
| CVE-2023-46052 | Sane 1.2.1 heap bounds overwrite in init_options() from backend/test.c ... | bookworm, bullseye, sid, trixie | |
| schism | CVE-2021-32419 | An issue in Schism Tracker v20200412 fixed in v.20200412 allows attack ... | bullseye |
| scikit-learn | CVE-2020-13092 | scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute ... | bookworm, bullseye, sid, trixie |
| CVE-2024-5206 | A sensitive data leakage vulnerability was identified in scikit-learn' ... | bookworm, bullseye, sid, trixie | |
| scilab | CVE-2019-20005 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie |
| CVE-2019-20006 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-20007 | An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-20198 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-20199 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-20200 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-20201 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_ ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-20202 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-26220 | The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to O ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-26221 | The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-26222 | The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-30485 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-31229 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-31347 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-31348 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-31598 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-30045 | An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ... | bookworm, bullseye, sid, trixie | |
| screen | CVE-2023-24626 | socket.c in GNU Screen through 4.9.0, when installed setuid or setgid ... | bookworm, bullseye |
| CVE-2025-46802 | bookworm, bullseye, sid, trixie | ||
| CVE-2025-46804 | bookworm, bullseye, sid, trixie | ||
| CVE-2025-46805 | bookworm, bullseye, sid, trixie | ||
| scummvm | CVE-2017-17528 | backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not valida ... | bookworm, bullseye, sid, trixie |
| sdop | CVE-2024-41881 | SDoP versions prior to 1.11 fails to handle appropriately some paramet ... | bookworm, bullseye, sid, trixie |
| seahorse | CVE-2008-7320 | GNOME Seahorse through 3.30 allows physically proximate attackers to r ... | bookworm, bullseye, sid, trixie |
| shadow | CVE-2007-5686 | initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... | bookworm, bullseye, sid, trixie |
| CVE-2013-4235 | shadow: TOCTOU (time-of-check time-of-use) race condition when copying ... | bullseye | |
| TEMP-0628843-DBAD28 | more related to CVE-2005-4890 | bookworm, bullseye, sid, trixie | |
| shadowsocks-libev | CVE-2019-5152 | An exploitable information disclosure vulnerability exists in the netw ... | bookworm, bullseye, sid, trixie |
| sharutils | TEMP-0000000-95CBBF | uudecode: stack out of bounds read access | bookworm, bullseye, sid, trixie |
| shibboleth-sp | CVE-2019-19191 | Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file ... | bookworm, bullseye, sid, trixie |
| singular | CVE-2022-40299 | In Singular before 4.3.1, a predictable /tmp pathname is used (e.g., b ... | bookworm, bullseye, sid, trixie |
| sipcrack | CVE-2017-11654 | An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 ... | bookworm, bullseye, sid, trixie |
| CVE-2017-11655 | A memory leak was found in the way SIPcrack 0.2 handled processing of ... | bookworm, bullseye, sid, trixie | |
| slang2 | CVE-2023-45927 | S-Lang 2.3.2 was discovered to contain an arithmetic exception via the ... | bookworm, bullseye, sid, trixie |
| CVE-2023-45929 | S-Lang 2.3.2 was discovered to contain a segmentation fault via the fu ... | bookworm, bullseye, sid, trixie | |
| sleuthkit | CVE-2018-11737 | An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from rel ... | bookworm, bullseye, sid, trixie |
| CVE-2018-11738 | An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from rel ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-11739 | An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from re ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-11740 | An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from r ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-14531 | An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-14532 | An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-10233 | In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap- ... | bookworm, bullseye, sid, trixie | |
| slic3r | CVE-2020-28590 | An out-of-bounds read vulnerability exists in the Obj File TriangleMes ... | bookworm, bullseye, sid |
| CVE-2021-44961 | A memory leakage flaw exists in the class PerimeterGenerator of Slic3r ... | bookworm, bullseye, sid | |
| CVE-2021-44962 | An out-of-bounds read vulnerability exists in the GCode::extrude() fun ... | bookworm, bullseye, sid | |
| CVE-2021-45846 | A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an attacker ... | bookworm, bullseye, sid | |
| CVE-2021-45847 | Several missing input validations in the 3MF parser component of Slic3 ... | bookworm, bullseye, sid | |
| slim | TEMP-0537604-F35BD7 | insecure tmp file vulnerability in slim | bookworm, bullseye, sid, trixie |
| snakeyaml | CVE-2022-1471 | SnakeYaml's Constructor() class does not restrict types which can be i ... | bookworm, bullseye, sid, trixie |
| CVE-2022-38752 | Using snakeYAML to parse untrusted YAML files may be vulnerable to Den ... | bullseye | |
| CVE-2022-41854 | Those using Snakeyaml to parse untrusted YAML files may be vulnerable ... | bullseye | |
| sngrep | CVE-2023-31981 | Sngrep v1.6.0 was discovered to contain a stack buffer overflow via th ... | bookworm, bullseye |
| CVE-2023-31982 | Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the ... | bookworm, bullseye | |
| CVE-2023-36192 | Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the ... | bookworm, bullseye | |
| CVE-2024-35434 | Irontec Sngrep v1.8.1 was discovered to contain a heap buffer overflow ... | bookworm, bullseye, sid, trixie | |
| socat | CVE-2024-54661 | readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 fi ... | bookworm, bullseye |
| software-properties | CVE-2020-15709 | Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20 ... | bookworm, bullseye, sid |
| sosreport | CVE-2014-0246 | SOSreport stores the md5 hash of the GRUB bootloader password in an ar ... | bookworm, bullseye |
| spice-gtk | CVE-2016-3066 | The spice-gtk widget allows remote authenticated users to obtain infor ... | bookworm, bullseye, sid, trixie |
| sql-ledger | CVE-2007-0667 | The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2 ... | bookworm, bullseye, sid, trixie |
| CVE-2007-1329 | Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before ... | bookworm, bullseye, sid, trixie | |
| CVE-2007-1923 | (1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control ... | bookworm, bullseye, sid, trixie | |
| CVE-2007-5372 | Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through ... | bookworm, bullseye, sid, trixie | |
| CVE-2008-4077 | The CGI scripts in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledg ... | bookworm, bullseye, sid, trixie | |
| CVE-2008-4078 | SQL injection vulnerability in the AR/AP transaction report in (1) Led ... | bookworm, bullseye, sid, trixie | |
| CVE-2009-3580 | Cross-site request forgery (CSRF) vulnerability in am.pl in SQL-Ledger ... | bookworm, bullseye, sid, trixie | |
| CVE-2009-3581 | Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8. ... | bookworm, bullseye, sid, trixie | |
| CVE-2009-3582 | Multiple SQL injection vulnerabilities in the delete subroutine in SQL ... | bookworm, bullseye, sid, trixie | |
| CVE-2009-3583 | Directory traversal vulnerability in the Preferences menu item in SQL- ... | bookworm, bullseye, sid, trixie | |
| CVE-2009-3584 | SQL-Ledger 2.8.24 does not set the secure flag for the session cookie ... | bookworm, bullseye, sid, trixie | |
| CVE-2009-4402 | The default configuration of SQL-Ledger 2.8.24 allows remote attackers ... | bookworm, bullseye, sid, trixie | |
| sqlite3 | CVE-2021-45346 | A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 an ... | bookworm, bullseye, sid, trixie |
| CVE-2022-35737 | SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-b ... | bullseye | |
| sqlitedict | CVE-2024-35515 | Insecure deserialization in sqlitedict up to v2.1.0 allows attackers t ... | bookworm, sid, trixie |
| sqliteodbc | CVE-2020-12050 | SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.99 ... | bookworm, bullseye, sid, trixie |
| squid | CVE-2019-12522 | An issue was discovered in Squid through 4.7. When Squid is run as roo ... | bookworm, bullseye, sid, trixie |
| ssmtp | CVE-2004-0423 | The log_event function in ssmtp 2.50.6 and earlier allows local users ... | bookworm, bullseye, sid, trixie |
| CVE-2008-7258 | The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.6 ... | bookworm, bullseye, sid, trixie | |
| stalin | CVE-2015-8697 | stalin 0.11-5 allows local users to write to arbitrary files. | bookworm, bullseye, sid, trixie |
| strongswan | CVE-2018-5389 | The Internet Key Exchange v1 main mode is vulnerable to offline dictio ... | bookworm, bullseye, sid, trixie |
| sudo | CVE-2005-1119 | Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary ... | bookworm, bullseye, sid, trixie |
| CVE-2022-43995 | Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains ... | bullseye | |
| supervisor | CVE-2019-12105 | In Supervisor through 4.0.2, an unauthenticated user can read log file ... | bookworm, bullseye, sid, trixie |
| surf | CVE-2014-3566 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ... | bookworm, bullseye, sid, trixie |
| svgpp | CVE-2019-6245 | An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SV ... | bookworm, bullseye, sid, trixie |
| CVE-2019-6247 | An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SV ... | bookworm, bullseye, sid, trixie | |
| swfmill | CVE-2022-36140 | SWFMill commit 53d7690 was discovered to contain a segmentation violat ... | bullseye |
| CVE-2022-36141 | SWFMill commit 53d7690 was discovered to contain a segmentation violat ... | bullseye | |
| CVE-2022-36142 | SWFMill commit 53d7690 was discovered to contain a heap-buffer overflo ... | bullseye | |
| CVE-2022-36143 | SWFMill commit 53d7690 was discovered to contain a heap-buffer overflo ... | bullseye | |
| CVE-2022-36145 | SWFMill commit 53d7690 was discovered to contain a segmentation violat ... | bullseye | |
| CVE-2022-36146 | SWFMill commit 53d7690 was discovered to contain a memory allocation i ... | bullseye | |
| swi-prolog | CVE-2017-17524 | library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings b ... | bookworm, bullseye, sid, trixie |
| sylpheed | CVE-2007-1267 | Sylpheed 2.2.7 and earlier does not properly use the --status-fd argum ... | bookworm, bullseye, sid, trixie |
| CVE-2017-17517 | libsylph/utils.c in Sylpheed through 3.6 does not validate strings bef ... | bookworm, bullseye, sid, trixie | |
| symfony | CVE-2024-36611 | In Symfony v7.07, a security vulnerability was identified in the FormL ... | bookworm, bullseye, sid, trixie |
| systemd | CVE-2013-4392 | systemd, when updating file permissions, allows local users to change ... | bookworm, bullseye, sid, trixie |
| CVE-2020-13529 | An exploitable denial-of-service vulnerability exists in Systemd 245. ... | bullseye | |
| CVE-2023-31437 | An issue was discovered in systemd 253. An attacker can modify a seale ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31438 | An issue was discovered in systemd 253. An attacker can truncate a sea ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31439 | An issue was discovered in systemd 253. An attacker can modify the con ... | bookworm, bullseye, sid, trixie | |
| sysvinit | TEMP-0517018-A83CE6 | sysvinit: no-root option in expert installer exposes locally exploitable security flaw | bookworm, bullseye, sid, trixie |
| tar | CVE-2005-2541 | Tar 1.15.1 does not properly warn the user when extracting setuid or s ... | bookworm, bullseye, sid, trixie |
| TEMP-0290435-0B57B5 | tar's rmt command may have undesired side effects | bookworm, bullseye, sid, trixie | |
| tcc | CVE-2018-20374 | An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ... | bookworm, bullseye, sid, trixie |
| CVE-2018-20375 | An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-20376 | An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ... | bookworm, bullseye, sid, trixie | |
| tcl8.6 | CVE-2021-35331 | In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow ... | bookworm, bullseye, sid, trixie |
| tcpdump | CVE-2018-19519 | In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_p ... | bookworm, bullseye, sid, trixie |
| CVE-2019-1010220 | tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. T ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-1801 | The SMB protocol decoder in tcpdump version 4.99.3 can perform an out- ... | bookworm, bullseye | |
| tcpreplay | CVE-2020-24265 | An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap b ... | bullseye |
| CVE-2020-24266 | An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap b ... | bullseye | |
| CVE-2021-45386 | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c | bullseye | |
| CVE-2021-45387 | tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c ... | bullseye | |
| CVE-2022-25484 | tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet ... | bullseye | |
| CVE-2022-27416 | Tcpreplay v4.4.1 was discovered to contain a double-free via __interce ... | bullseye | |
| CVE-2022-27418 | Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math ... | bullseye | |
| CVE-2022-27939 | tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_ ... | bullseye | |
| CVE-2022-27940 | tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get ... | bullseye | |
| CVE-2022-27941 | tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get ... | bullseye | |
| CVE-2022-27942 | tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_ ... | bullseye | |
| CVE-2022-28487 | Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_che ... | bullseye | |
| CVE-2022-37047 | The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain ... | bullseye | |
| CVE-2022-37048 | The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain ... | bullseye | |
| CVE-2022-37049 | The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a ... | bullseye | |
| CVE-2023-4256 | Within tcpreplay's tcprewrite, a double free vulnerability has been id ... | bookworm, bullseye | |
| CVE-2023-27783 | An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacke ... | bookworm, bullseye | |
| CVE-2023-27784 | An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause ... | bookworm, bullseye | |
| CVE-2023-27785 | An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker t ... | bookworm, bullseye | |
| CVE-2023-27786 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a ... | bookworm, bullseye | |
| CVE-2023-27787 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a ... | bookworm, bullseye | |
| CVE-2023-27788 | An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause ... | bookworm, bullseye | |
| CVE-2023-27789 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a ... | bookworm, bullseye | |
| CVE-2023-43279 | Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcprepla ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-3024 | A vulnerability was found in appneta tcpreplay up to 4.4.4. It has bee ... | bookworm, bullseye, sid, trixie | |
| telegram-desktop | CVE-2018-17231 | Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause ... | bookworm, bullseye, sid |
| CVE-2018-17613 | Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is enab ... | bookworm, bullseye, sid | |
| texlive-base | CVE-2017-17513 | TeX Live through 20170524 does not validate strings before launching t ... | bookworm, bullseye, sid, trixie, bookworm, bullseye, sid, trixie |
| texlive-bin | CVE-2019-19601 | OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of ... | bookworm, bullseye, sid, trixie |
| CVE-2022-33047 | OTFCC v0.10.4 was discovered to contain a heap buffer overflow after f ... | bookworm, sid, trixie | |
| CVE-2022-35021 | OTFCC commit 617837b was discovered to contain a global buffer overflo ... | bookworm, sid, trixie | |
| CVE-2022-35022 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35023 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35024 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35025 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35026 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35027 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35028 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35029 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35030 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35031 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35032 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35034 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35035 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35036 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35037 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35038 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35039 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35040 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35041 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35042 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35043 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35044 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35045 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35046 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35047 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35048 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35049 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35050 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35051 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35052 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35053 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35054 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35055 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35056 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35058 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35059 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35060 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35061 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35062 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35063 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35064 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35065 | OTFCC commit 617837b was discovered to contain a segmentation violatio ... | bookworm, sid, trixie | |
| CVE-2022-35066 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35067 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35068 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35069 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35070 | OTFCC commit 617837b was discovered to contain a heap buffer overflow ... | bookworm, sid, trixie | |
| CVE-2022-35447 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35448 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35449 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35450 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35451 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35452 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35453 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35454 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35455 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35456 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35458 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35459 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35460 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35461 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35462 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35463 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35464 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35465 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35466 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35467 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35468 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35469 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35470 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35471 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35472 | OTFCC v0.10.4 was discovered to contain a global overflow via /release ... | bookworm, sid, trixie | |
| CVE-2022-35473 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35474 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35475 | OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ... | bookworm, sid, trixie | |
| CVE-2022-35476 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35477 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35478 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35479 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35481 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35482 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35483 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35484 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35485 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2022-35486 | OTFCC v0.10.4 was discovered to contain a segmentation violation via / ... | bookworm, sid, trixie | |
| CVE-2023-46048 | Tex Live 944e257 has a NULL pointer dereference in texk/web2c/pdftexdi ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-46051 | TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdfte ... | bookworm, bullseye, sid, trixie | |
| thunar | CVE-2018-18398 | Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey ... | bookworm, bullseye, sid, trixie |
| TEMP-0517020-915121 | thunar: potential exploits via application launchers | bookworm, bullseye, sid, trixie | |
| tiff | CVE-2017-5563 | LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read i ... | bookworm, bullseye, sid, trixie |
| CVE-2017-9117 | In LibTIFF 4.0.6 and possibly other versions, the program processes BM ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-16232 | LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow at ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-17973 | In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writ ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-10126 | ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other pr ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-1056 | Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers ... | bullseye | |
| CVE-2022-1210 | A vulnerability classified as problematic was found in LibTIFF 4.3.0. ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-1916 | A flaw was found in tiffcrop, a program distributed by the libtiff pac ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-3164 | A heap-buffer-overflow vulnerability was found in LibTIFF, in extractI ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-6228 | An issue was found in the tiffcp utility distributed by the libtiff pa ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-30775 | A vulnerability was found in the libtiff library. This security flaw c ... | bullseye | |
| tiles | CVE-2023-49735 | ** UNSUPPORTED WHEN ASSIGNED ** The value set as the DefaultLocaleRes ... | bookworm, bullseye, sid, trixie |
| timidity | CVE-2017-11549 | The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remot ... | bookworm, bullseye, sid, trixie |
| tin | CVE-2017-17520 | tools/url_handler.pl in TIN 2.4.1 does not validate strings before lau ... | bookworm, bullseye, sid, trixie |
| tinyexr | CVE-2018-12687 | tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h ... | bookworm, bullseye, sid, trixie |
| tinymux | CVE-2007-1959 | Unspecified vulnerability in the process_cmdent function in command.cp ... | bookworm, bullseye, sid, trixie |
| tinyssh | CVE-2023-48795 | The SSH transport protocol with certain OpenSSH extensions, found in O ... | bookworm, bullseye |
| tinyxml2 | CVE-2018-11210 | TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::P ... | bookworm, bullseye, sid, trixie |
| tomcat9 | CVE-2022-34305 | In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 ... | bullseye |
| tor | CVE-2006-6893 | Tor allows remote attackers to discover the IP address of a hidden ser ... | bookworm, bullseye, sid, trixie |
| CVE-2007-1103 | Tor does not verify a node's uptime and bandwidth advertisements, whic ... | bookworm, bullseye, sid, trixie | |
| CVE-2009-0654 | Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attacke ... | bookworm, bullseye, sid, trixie | |
| CVE-2020-8516 | The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0.4.2.6 does not ... | bookworm, bullseye, sid, trixie | |
| triplea | CVE-2018-1000546 | Triplea version <= 1.9.0.0.10291 contains a XML External Entity (XXE) ... | bookworm, bullseye, sid, trixie |
| trousers | CVE-2020-24330 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ... | bullseye |
| CVE-2020-24331 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ... | bullseye | |
| CVE-2020-24332 | An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ... | bullseye | |
| u-boot | CVE-2017-3225 | Das U-Boot is a device bootloader that can read its configuration from ... | bookworm, bullseye, sid, trixie |
| CVE-2017-3226 | Das U-Boot is a device bootloader that can read its configuration from ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18439 | DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer over ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18440 | DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overf ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-1000205 | U-Boot contains a CWE-20: Improper Input Validation vulnerability in V ... | bookworm, bullseye, sid, trixie | |
| uclibc | CVE-2017-9728 | In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp f ... | bookworm, bullseye, sid, trixie |
| CVE-2017-9729 | In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-27419 | uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-arou ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-43523 | In uClibc and uClibc-ng before 1.0.39, incorrect handling of special c ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-29503 | A memory corruption vulnerability exists in the libpthread linuxthread ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-30295 | uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable D ... | bookworm, bullseye, sid, trixie | |
| uglify-js | CVE-2022-37598 | Prototype pollution vulnerability in function DEFNODE in ast.js in mis ... | bookworm, bullseye, sid, trixie, bullseye, sid, trixie |
| unbound | CVE-2024-43167 | DISPUTE NOTE: this issue does not pose a security risk as it (accordin ... | bookworm |
| CVE-2024-43168 | DISPUTE NOTE: this issue does not pose a security risk as it (accordin ... | bookworm | |
| unixodbc | CVE-2024-1013 | An out-of-bounds stack write flaw was found in unixODBC on 64-bit arch ... | bookworm, bullseye, sid, trixie |
| unrar-free | CVE-2017-11190 | unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, might ... | bullseye |
| unzip | CVE-2021-4217 | A flaw was found in unzip. The vulnerability occurs due to improper ha ... | bookworm, bullseye, sid, trixie |
| upx-ucl | CVE-2020-24119 | A heap buffer overflow read was discovered in upx 4.0.0, because the c ... | bullseye |
| CVE-2020-27796 | A heap-based buffer over-read was discovered in the invert_pt_dynamic ... | bullseye | |
| CVE-2020-27797 | An invalid memory address reference was discovered in the elf_lookup f ... | bullseye | |
| CVE-2020-27798 | An invalid memory address reference was discovered in the adjABS funct ... | bullseye | |
| CVE-2020-27799 | A heap-based buffer over-read was discovered in the acc_ua_get_be32 fu ... | bullseye | |
| CVE-2020-27800 | A heap-based buffer over-read was discovered in the get_le32 function ... | bullseye | |
| CVE-2020-27801 | A heap-based buffer over-read was discovered in the get_le64 function ... | bullseye | |
| CVE-2020-27802 | An floating point exception was discovered in the elf_lookup function ... | bullseye | |
| CVE-2021-20285 | A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw ... | bullseye | |
| CVE-2021-30500 | Null pointer dereference was found in upx PackLinuxElf::canUnpack() in ... | bullseye | |
| CVE-2021-30501 | An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in ... | bullseye | |
| CVE-2021-43311 | A heap-based buffer overflow was discovered in upx, during the generic ... | bullseye | |
| CVE-2021-43312 | A heap-based buffer overflow was discovered in upx, during the variabl ... | bullseye | |
| CVE-2021-43313 | A heap-based buffer overflow was discovered in upx, during the variabl ... | bullseye | |
| CVE-2021-43314 | A heap-based buffer overflows was discovered in upx, during the generi ... | bullseye | |
| CVE-2021-43315 | A heap-based buffer overflows was discovered in upx, during the generi ... | bullseye | |
| CVE-2021-43316 | A heap-based buffer overflow was discovered in upx, during the generic ... | bullseye | |
| CVE-2021-43317 | A heap-based buffer overflows was discovered in upx, during the generi ... | bullseye | |
| CVE-2021-46179 | Reachable Assertion vulnerability in upx before 4.0.0 allows attackers ... | bullseye | |
| CVE-2023-23457 | A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dyn ... | bullseye | |
| CVE-2024-3209 | A vulnerability was found in UPX up to 4.2.2. It has been rated as cri ... | bullseye | |
| util-linux | CVE-2022-0563 | A flaw was found in the util-linux chfn and chsh utilities when compil ... | bookworm, bullseye, sid, trixie |
| uwsgi | CVE-2020-11984 | Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure an ... | bookworm, bullseye, sid, trixie |
| CVE-2021-36160 | A carefully crafted request uri-path can cause mod_proxy_uwsgi to read ... | bookworm, bullseye, sid, trixie | |
| CVE-2024-24795 | HTTP Response splitting in multiple modules in Apache HTTP Server allo ... | bookworm, bullseye, sid, trixie | |
| v4l2loopback | CVE-2022-2652 | Depending on the way the format strings in the card label are crafted ... | bullseye |
| varnish | CVE-2009-4488 | Varnish 2.0.6 writes data to a log file without sanitizing non-printab ... | bookworm, bullseye, sid, trixie |
| vim | CVE-2008-4677 | autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions ... | bookworm, bullseye, sid, trixie |
| CVE-2017-1000382 | VIM version 8.0.1187 (and other versions most likely) ignores umask wh ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-3903 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2021-3927 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2021-3928 | vim is vulnerable to Use of Uninitialized Variable | bullseye | |
| CVE-2021-3968 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2021-3973 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2021-3974 | vim is vulnerable to Use After Free | bullseye | |
| CVE-2021-3984 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2021-4069 | vim is vulnerable to Use After Free | bullseye | |
| CVE-2021-4136 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2021-4166 | vim is vulnerable to Out-of-bounds Read | bullseye | |
| CVE-2021-4192 | vim is vulnerable to Use After Free | bullseye | |
| CVE-2021-4193 | vim is vulnerable to Out-of-bounds Read | bullseye | |
| CVE-2022-0156 | vim is vulnerable to Use After Free | bullseye | |
| CVE-2022-0158 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2022-0213 | vim is vulnerable to Heap-based Buffer Overflow | bullseye | |
| CVE-2022-0318 | Heap-based Buffer Overflow in vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0319 | Out-of-bounds Read in vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0368 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0393 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0407 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0408 | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0413 | Use After Free in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0443 | Use After Free in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0554 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ... | bullseye | |
| CVE-2022-0629 | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-0685 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ... | bullseye | |
| CVE-2022-0696 | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.442 ... | bullseye | |
| CVE-2022-0714 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4 ... | bullseye | |
| CVE-2022-0729 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ... | bullseye | |
| CVE-2022-0943 | Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim ... | bullseye | |
| CVE-2022-1154 | Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8 ... | bullseye | |
| CVE-2022-1420 | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ... | bullseye | |
| CVE-2022-1619 | Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub r ... | bullseye | |
| CVE-2022-1620 | NULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ... | bullseye | |
| CVE-2022-1621 | Heap buffer overflow in vim_strncpy find_word in GitHub repository vim ... | bullseye | |
| CVE-2022-1629 | Buffer Over-read in function find_next_quote in GitHub repository vim/ ... | bullseye | |
| CVE-2022-1674 | NULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ... | bullseye | |
| CVE-2022-1720 | Buffer Over-read in function grab_file_name in GitHub repository vim/v ... | bullseye | |
| CVE-2022-1725 | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.495 ... | bullseye | |
| CVE-2022-1733 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4 ... | bullseye | |
| CVE-2022-1735 | Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969 ... | bullseye | |
| CVE-2022-1769 | Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. | bullseye | |
| CVE-2022-1771 | Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. | bullseye | |
| CVE-2022-1796 | Use After Free in GitHub repository vim/vim prior to 8.2.4979. | bullseye | |
| CVE-2022-1851 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-1886 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-1898 | Use After Free in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-1927 | Buffer Over-read in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-1968 | Use After Free in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-2042 | Use After Free in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-2124 | Buffer Over-read in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-2125 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-2126 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-2175 | Buffer Over-read in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-2182 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-2183 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-2206 | Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-2207 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-2208 | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.516 ... | bullseye | |
| CVE-2022-2210 | Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-2231 | NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. | bullseye | |
| CVE-2022-2257 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. | bullseye | |
| CVE-2022-2264 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. | bullseye | |
| CVE-2022-2284 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. | bullseye | |
| CVE-2022-2285 | Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9 ... | bullseye | |
| CVE-2022-2286 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. | bullseye | |
| CVE-2022-2287 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. | bullseye | |
| CVE-2022-2289 | Use After Free in GitHub repository vim/vim prior to 9.0. | bullseye | |
| CVE-2022-2343 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-2344 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-2345 | Use After Free in GitHub repository vim/vim prior to 9.0.0046. | bullseye | |
| CVE-2022-2522 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-2571 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-2581 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104. | bullseye | |
| CVE-2022-2598 | Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-2816 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. | bullseye | |
| CVE-2022-2817 | Use After Free in GitHub repository vim/vim prior to 9.0.0213. | bullseye | |
| CVE-2022-2819 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-2845 | Improper Validation of Specified Quantity in Input in GitHub repositor ... | bullseye | |
| CVE-2022-2849 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-2862 | Use After Free in GitHub repository vim/vim prior to 9.0.0221. | bullseye | |
| CVE-2022-2874 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.022 ... | bullseye | |
| CVE-2022-2889 | Use After Free in GitHub repository vim/vim prior to 9.0.0225. | bullseye | |
| CVE-2022-2923 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.024 ... | bullseye | |
| CVE-2022-2946 | Use After Free in GitHub repository vim/vim prior to 9.0.0246. | bullseye | |
| CVE-2022-2980 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.025 ... | bullseye | |
| CVE-2022-2982 | Use After Free in GitHub repository vim/vim prior to 9.0.0260. | bullseye | |
| CVE-2022-3016 | Use After Free in GitHub repository vim/vim prior to 9.0.0286. | bullseye | |
| CVE-2022-3037 | Use After Free in GitHub repository vim/vim prior to 9.0.0322. | bullseye | |
| CVE-2022-3153 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.040 ... | bullseye | |
| CVE-2022-3234 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-3235 | Use After Free in GitHub repository vim/vim prior to 9.0.0490. | bullseye | |
| CVE-2022-3256 | Use After Free in GitHub repository vim/vim prior to 9.0.0530. | bullseye | |
| CVE-2022-3278 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.055 ... | bullseye | |
| CVE-2022-3296 | Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ... | bullseye | |
| CVE-2022-3297 | Use After Free in GitHub repository vim/vim prior to 9.0.0579. | bullseye | |
| CVE-2022-3352 | Use After Free in GitHub repository vim/vim prior to 9.0.0614. | bullseye | |
| CVE-2022-3491 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-3520 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ... | bullseye | |
| CVE-2022-3591 | Use After Free in GitHub repository vim/vim prior to 9.0.0789. | bullseye | |
| CVE-2022-3705 | A vulnerability was found in vim and classified as problematic. Affect ... | bullseye | |
| CVE-2022-4292 | Use After Free in GitHub repository vim/vim prior to 9.0.0882. | bullseye | |
| CVE-2022-4293 | Floating Point Comparison with Incorrect Operator in GitHub repository ... | bullseye | |
| CVE-2022-47024 | A null pointer dereference issue was discovered in function gui_x11_cr ... | bullseye | |
| CVE-2023-0049 | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. | bullseye | |
| CVE-2023-0051 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ... | bullseye | |
| CVE-2023-0288 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ... | bullseye | |
| CVE-2023-0433 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ... | bullseye | |
| CVE-2023-0512 | Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. | bullseye | |
| CVE-2023-1170 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ... | bullseye | |
| CVE-2023-1264 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.139 ... | bookworm, bullseye | |
| CVE-2023-1355 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.140 ... | bookworm, bullseye | |
| CVE-2023-2609 | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.153 ... | bookworm, bullseye | |
| CVE-2023-3896 | Divide By Zero in vim/vim from9.0.1367-1 to9.0.1367-3 | bookworm, bullseye | |
| CVE-2023-4733 | Use After Free in GitHub repository vim/vim prior to 9.0.1840. | bookworm, bullseye | |
| CVE-2023-4734 | Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9 ... | bookworm, bullseye | |
| CVE-2023-4735 | Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. | bookworm, bullseye | |
| CVE-2023-4750 | Use After Free in GitHub repository vim/vim prior to 9.0.1857. | bookworm, bullseye | |
| CVE-2023-4751 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ... | bookworm, bullseye | |
| CVE-2023-5441 | NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161a ... | bookworm, bullseye | |
| CVE-2023-5535 | Use After Free in GitHub repository vim/vim prior to v9.0.2010. | bookworm, bullseye | |
| CVE-2023-46246 | Vim is an improved version of the good old UNIX editor Vi. Heap-use-af ... | bookworm, bullseye | |
| CVE-2023-48231 | Vim is an open source command line text editor. When closing a window, ... | bookworm, bullseye | |
| CVE-2023-48232 | Vim is an open source command line text editor. A floating point excep ... | bookworm, bullseye | |
| CVE-2023-48233 | Vim is an open source command line text editor. If the count after the ... | bookworm, bullseye | |
| CVE-2023-48234 | Vim is an open source command line text editor. When getting the count ... | bookworm, bullseye | |
| CVE-2023-48235 | Vim is an open source command line text editor. When parsing relative ... | bookworm, bullseye | |
| CVE-2023-48236 | Vim is an open source command line text editor. When using the z= comm ... | bookworm, bullseye | |
| CVE-2023-48237 | Vim is an open source command line text editor. In affected versions w ... | bookworm, bullseye | |
| CVE-2023-48706 | Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-a ... | bookworm, bullseye | |
| CVE-2024-41957 | Vim is an open source command line text editor. Vim < v9.1.0647 has do ... | bookworm, bullseye | |
| CVE-2024-41965 | Vim is an open source command line text editor. double-free in dialog_ ... | bookworm, bullseye | |
| CVE-2024-43374 | The UNIX editor Vim prior to version 9.1.0678 has a use-after-free err ... | bookworm, bullseye | |
| CVE-2024-43790 | Vim is an open source command line text editor. When performing a sear ... | bookworm, bullseye | |
| CVE-2025-1215 | A vulnerability classified as problematic was found in vim up to 9.1.1 ... | bookworm, bullseye | |
| CVE-2025-22134 | When switching to other buffers using the :all command and visual mode ... | bookworm, bullseye | |
| CVE-2025-24014 | Vim is an open source, command line text editor. A segmentation fault ... | bookworm, bullseye | |
| CVE-2025-26603 | Vim is a greatly improved version of the good old UNIX editor Vi. Vim ... | bookworm, bullseye | |
| vino | CVE-2011-1164 | Vino before 2.99.4 can connect external networks contrary to the state ... | bookworm, bullseye |
| CVE-2011-1165 | Vino, possibly before 3.2, does not properly document that it opens po ... | bookworm, bullseye | |
| vorbis-tools | CVE-2017-11331 | The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 ... | bookworm, bullseye |
| CVE-2023-43361 | Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local a ... | bookworm, bullseye | |
| vte | CVE-2005-0023 | gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to sp ... | bookworm, bullseye, sid, trixie |
| CVE-2024-37535 | GNOME VTE before 0.76.3 allows an attacker to cause a denial of servic ... | bookworm, bullseye, sid, trixie | |
| w3m | CVE-2023-38252 | An out-of-bounds read flaw was found in w3m, in the Strnew_size functi ... | bookworm, bullseye, sid, trixie |
| CVE-2023-38253 | An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str fun ... | bookworm, bullseye, sid, trixie | |
| TEMP-0532514-9137E0 | predictable random number generator used in web browsers | bookworm, bullseye, sid, trixie | |
| wabt | CVE-2022-43280 | wasm-interp v1.0.29 was discovered to contain an out-of-bounds read vi ... | bullseye |
| CVE-2022-43281 | wasm-interp v1.0.29 was discovered to contain a heap overflow via the ... | bullseye | |
| CVE-2022-43282 | wasm-interp v1.0.29 was discovered to contain an out-of-bounds read vi ... | bullseye | |
| CVE-2022-43283 | wasm2c v1.0.29 was discovered to contain an abort in CWriter::Write. | bullseye | |
| CVE-2023-27115 | WebAssembly v1.0.29 was discovered to contain a segmentation fault via ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-27116 | WebAssembly v1.0.29 discovered to contain an abort in CWriter::MangleT ... | bookworm, bullseye | |
| CVE-2023-27117 | WebAssembly v1.0.29 was discovered to contain a heap overflow via the ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-27119 | WebAssembly v1.0.29 was discovered to contain a segmentation fault via ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-30300 | An issue in the component hang.wasm of WebAssembly 1.0 causes an infin ... | bookworm, bullseye | |
| CVE-2023-31669 | WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dyl ... | bookworm, bullseye | |
| CVE-2023-31670 | An issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and ... | bookworm, bullseye | |
| CVE-2023-46331 | WebAssembly wabt 1.0.33 has an Out-of-Bound Memory Read in in DataSegm ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-2368 | A vulnerability was found in WebAssembly wabt 1.0.36 and classified as ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-2584 | A vulnerability was found in WebAssembly wabt 1.0.36. It has been decl ... | bookworm, bullseye, sid, trixie | |
| CVE-2025-3122 | A vulnerability classified as problematic was found in WebAssembly wab ... | bookworm, bullseye, sid, trixie | |
| wavpack | CVE-2021-44269 | An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV f ... | bullseye |
| wheel | CVE-2022-40898 | An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 ... | bullseye |
| whitedune | CVE-2017-17518 | swt/motif/browser.c in White_dune (aka whitedune) 0.30.10 does not val ... | bookworm, bullseye, sid |
| whohas | CVE-2021-4258 | A vulnerability was found in whohas. It has been rated as problematic. ... | bookworm, bullseye, sid, trixie |
| wireshark | CVE-2024-4855 | Use after free issue in editcap could cause denial of service via craf ... | bullseye |
| CVE-2024-9780 | ITS dissector crash in Wireshark 4.4.0 allows denial of service via pa ... | bookworm, bullseye | |
| CVE-2024-9781 | AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4. ... | bookworm, bullseye | |
| CVE-2025-1492 | Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 ... | bookworm | |
| wkhtmltopdf | CVE-2022-35583 | wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to g ... | bookworm, bullseye |
| wolfssl | CVE-2023-6935 | wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Att ... | bookworm, bullseye |
| wordpress | CVE-2006-0733 | Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows rem ... | bookworm, bullseye, sid, trixie |
| CVE-2008-0191 | WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive ... | bookworm, bullseye, sid, trixie | |
| CVE-2011-4898 | wp-admin/setup-config.php in the installation component in WordPress 3 ... | bookworm, bullseye, sid, trixie | |
| CVE-2011-4899 | wp-admin/setup-config.php in the installation component in WordPress 3 ... | bookworm, bullseye, sid, trixie | |
| CVE-2012-0782 | Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup- ... | bookworm, bullseye, sid, trixie | |
| CVE-2012-0937 | wp-admin/setup-config.php in the installation component in WordPress 3 ... | bookworm, bullseye, sid, trixie | |
| CVE-2012-5868 | WordPress 3.4.2 does not invalidate a wordpress_sec session cookie upo ... | bookworm, bullseye, sid, trixie | |
| CVE-2013-7233 | Cross-site request forgery (CSRF) vulnerability in the retrospam compo ... | bookworm, bullseye, sid, trixie | |
| CVE-2017-6514 | WordPress 4.7.2 mishandles listings of post authors, which allows remo ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-6389 | In WordPress through 4.9.2, unauthenticated attackers can cause a deni ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-14028 | In WordPress 4.9.7, plugins uploaded via the admin area are not verifi ... | bookworm, bullseye, sid, trixie | |
| wpa | CVE-2017-13084 | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Sta ... | bookworm, bullseye, sid, trixie |
| CVE-2019-5062 | An exploitable denial-of-service vulnerability exists in the 802.11w s ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-30004 | In wpa_supplicant and hostapd 2.9, forging attacks may occur because A ... | bookworm, bullseye, sid, trixie | |
| wpewebkit | CVE-2023-32409 | The issue was addressed with improved bounds checks. This issue is fix ... | bookworm, bullseye |
| x264 | CVE-2025-25467 | Insufficient tracking and releasing of allocated used memory in libx26 ... | bookworm, bullseye, sid, trixie |
| xbindkeys-config | CVE-2014-9513 | Insecure use of temporary files in xbindkeys-config 0.1.3-2 allows rem ... | bookworm, bullseye |
| xdg-user-dirs | CVE-2017-15131 | It was found that system umask policy is not being honored when creati ... | bookworm, bullseye, sid, trixie |
| xen | CVE-2014-9066 | Xen 4.4.x and earlier, when using a large number of VCPUs, does not pr ... | bookworm, bullseye, sid, trixie |
| CVE-2021-28689 | x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests ... | bookworm, bullseye, sid, trixie | |
| xerces-c | CVE-2012-0880 | Apache Xerces-C++ allows remote attackers to cause a denial of service ... | bookworm, bullseye, sid, trixie |
| xfig | CVE-2009-4228 | Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlie ... | bookworm, bullseye, sid, trixie |
| CVE-2023-45920 | Xfig v3.2.8 was discovered to contain a NULL pointer dereference when ... | bookworm, bullseye | |
| xloadimage | CVE-2006-4484 | Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in ... | bookworm, bullseye, sid, trixie |
| xorg-server | CVE-2022-3553 | A vulnerability, which was classified as problematic, was found in X.o ... | bullseye |
| xpdf | CVE-2010-0206 | xpdf allows remote attackers to cause a denial of service (NULL pointe ... | bookworm, bullseye, sid, trixie |
| CVE-2010-0207 | In xpdf, the xref table contains an infinite loop which allows remote ... | bookworm, bullseye, sid, trixie | |
| CVE-2013-4472 | The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 a ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-7173 | A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-7174 | An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref a ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-7175 | An issue was discovered in xpdf 4.00. A NULL pointer dereference in re ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-7452 | A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc i ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-7453 | Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-7454 | A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpd ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-7455 | An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xp ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-8100 | The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allo ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-8101 | The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-8102 | The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4 ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-8103 | The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-8104 | The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows atta ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-8105 | The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allow ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-8106 | The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-8107 | The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows atta ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-11033 | The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-16368 | SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-16369 | XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18454 | CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote atta ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18455 | The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote a ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18456 | The function Object::isName() in Object.h (called from Gfx::opSetFillC ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18457 | The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remo ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18458 | The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows r ... | bookworm, bullseye, sid, trixie | |
| CVE-2018-18459 | The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remo ... | bookworm, bullseye, sid, trixie | |
| xserver-xorg-video-nouveau | CVE-2018-3979 | A remote denial-of-service vulnerability exists in the way the Nouveau ... | bookworm, bullseye, sid, trixie |
| xterm | CVE-2006-4447 | X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtran ... | bookworm, bullseye, sid, trixie |
| CVE-2023-40359 | xterm before 380 supports ReGIS reporting for character-set names even ... | bookworm, bullseye | |
| yabasic | CVE-2019-19720 | Yabasic 2.86.1 has a heap-based buffer overflow in the yylex() functio ... | bookworm, bullseye, sid, trixie |
| CVE-2019-19796 | Yabasic 2.86.2 has a heap-based buffer overflow in myformat in functio ... | bookworm, bullseye, sid, trixie | |
| yara | CVE-2019-19648 | In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, ... | bookworm, bullseye, sid, trixie |
| yasm | CVE-2021-33454 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, sid, trixie |
| CVE-2021-33455 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33456 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33457 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33458 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33459 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33460 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33461 | An issue was discovered in yasm version 1.3.0. There is a use-after-fr ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33462 | An issue was discovered in yasm version 1.3.0. There is a use-after-fr ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33463 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33465 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33466 | An issue was discovered in yasm version 1.3.0. There is a NULL pointer ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33467 | An issue was discovered in yasm version 1.3.0. There is a use-after-fr ... | bookworm, bullseye, sid, trixie | |
| CVE-2021-33468 | An issue was discovered in yasm version 1.3.0. There is a use-after-fr ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-29580 | yasm 1.3.0.55.g101bc was discovered to contain a segmentation violatio ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-29581 | yasm 1.3.0.55.g101bc has a segmentation violation in the function dele ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-29582 | yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via th ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-29583 | yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via th ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-30402 | YASM v1.3.0 was discovered to contain a heap overflow via the function ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31723 | yasm 1.3.0.55.g101bc was discovered to contain a segmentation violatio ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31724 | yasm 1.3.0.55.g101bc was discovered to contain a segmentation violatio ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31725 | yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free v ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31972 | yasm v1.3.0 was discovered to contain a use after free via the functio ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31973 | yasm v1.3.0 was discovered to contain a use after free via the functio ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31974 | yasm v1.3.0 was discovered to contain a use after free via the functio ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-31975 | yasm v1.3.0 was discovered to contain a memory leak via the function y ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-37732 | Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-49554 | Use After Free vulnerability in YASM 1.3.0.86.g9def allows a remote at ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-49555 | An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a de ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-49556 | Buffer Overflow vulnerability in YASM 1.3.0.86.g9def allows a remote a ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-49557 | An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a de ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-49558 | An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a de ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-51258 | A memory leak issue discovered in YASM v.1.3.0 allows a local attacker ... | bookworm, bullseye, sid, trixie | |
| yaws | CVE-2009-4495 | Yaws 1.85 writes data to a log file without sanitizing non-printable c ... | bookworm, bullseye, sid, trixie |
| youtube-dl | CVE-2024-38519 | `yt-dlp` and `youtube-dl` are command-line audio/video downloaders. Pr ... | bookworm, bullseye, bookworm |
| zabbix | CVE-2023-29453 | Templates do not properly consider backticks (`) as Javascript string ... | bookworm, bullseye |
| zangband | CVE-2021-40589 | ZAngband zangband-data 2.7.5 is affected by an integer underflow vulne ... | bookworm, bullseye, sid, trixie |
| zip | CVE-2018-13410 | Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, a ... | bookworm, bullseye |
| zoneminder | CVE-2019-7350 | Session fixation exists in ZoneMinder through 1.32.3, as an attacker c ... | bookworm, bullseye, sid, trixie |
| CVE-2019-7351 | Log Injection exists in ZoneMinder through 1.32.3, as an attacker can ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-8423 | ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/view ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-8425 | includes/database.php in ZoneMinder before 1.32.3 has XSS in the const ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-8427 | daemonControl in includes/functions.php in ZoneMinder before 1.32.3 al ... | bookworm, bullseye, sid, trixie | |
| CVE-2019-8429 | ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php fil ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-1726 | Bootstrap Tables XSS vulnerability with Table Export plug-in when expo ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-29806 | ZoneMinder before 1.36.13 allows remote code execution via an invalid ... | bullseye | |
| CVE-2022-30768 | A Stored Cross Site Scripting (XSS) issue in ZoneMinder 1.36.12 allows ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-30769 | Session fixation exists in ZoneMinder through 1.36.12 as an attacker c ... | bookworm, bullseye, sid, trixie | |
| CVE-2022-39285 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2022-39289 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2022-39290 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2022-39291 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-25825 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26032 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26034 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26035 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26036 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26037 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26038 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-26039 | ZoneMinder is a free, open source Closed-circuit television software a ... | bullseye | |
| CVE-2023-31493 | RCE (Remote Code Execution) exists in ZoneMinder through 1.36.33 as an ... | bookworm, bullseye, sid, trixie | |
| CVE-2023-41884 | ZoneMinder is a free, open source Closed-circuit television software a ... | bookworm, bullseye | |
| CVE-2024-43358 | ZoneMinder is a free, open source closed-circuit television software a ... | bookworm, bullseye | |
| CVE-2024-43359 | ZoneMinder is a free, open source closed-circuit television software a ... | bookworm, bullseye | |
| CVE-2024-43360 | ZoneMinder is a free, open source closed-circuit television software a ... | bookworm, bullseye | |
| zoph | CVE-2014-9235 | Multiple SQL injection vulnerabilities in Zoph (aka Zoph Organizes Pho ... | bookworm, bullseye, sid, trixie |
| CVE-2014-9236 | Cross-site scripting (XSS) vulnerability in php/edit_photos.php in Zop ... | bookworm, bullseye, sid, trixie | |
| zziplib | CVE-2018-6542 | In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trail ... | bookworm, bullseye, sid, trixie |
| CVE-2018-7727 | An issue was discovered in ZZIPlib 0.13.68. There is a memory leak tri ... | bookworm, bullseye, sid, trixie | |
| zziplib | CVE-2018-17828 | Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers ... | bookworm, bullseye, sid, trixie |