Packages that have open unimportant issues

This page lists packages that are affected by issues that are considered unimportant from a security perspective. These issues are thought to be unexploitable or uneffective in most situations (for example, browser denial-of-services).

Package	Bug	Description	Releases
389-ds-base	CVE-2016-5416	389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, ...	bookworm, bullseye, sid, trixie
7zip	CVE-2022-47111	7-Zip 22.01 does not report an error for certain invalid xz files, inv ...	bookworm, sid, trixie
	CVE-2022-47112	7-Zip 22.01 does not report an error for certain invalid xz files, inv ...	bookworm, sid, trixie
	CVE-2024-11612	7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vu ...	bookworm
	CVE-2025-53817	7-Zip is a file archiver with a high compression ratio. 7-Zip supports ...	bookworm, trixie
9base	CVE-2014-1935	9base 1:6-6 and 1:6-7 insecurely creates temporary files which results ...	bookworm, bullseye, sid, trixie
abcm2ps	CVE-2021-32434	abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in th ...	bullseye
	CVE-2021-32436	An out-of-bounds read in the function write_title() in subs.c of abcm2 ...	bullseye
abiword	CVE-2017-17529	af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings ...	bookworm, bullseye, sid, trixie
acpica-unix	CVE-2024-24856	The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee ...	bookworm, bullseye, sid, trixie
advancecomp	CVE-2022-35014	Advancecomp v2.3 contains a segmentation fault.	bullseye
	CVE-2022-35015	Advancecomp v2.3 was discovered to contain a heap buffer overflow via ...	bullseye
	CVE-2022-35016	Advancecomp v2.3 was discovered to contain a heap buffer overflow.	bullseye
	CVE-2022-35017	Advancecomp v2.3 was discovered to contain a heap buffer overflow.	bullseye
	CVE-2022-35018	Advancecomp v2.3 was discovered to contain a segmentation fault.	bullseye
	CVE-2022-35020	Advancecomp v2.3 was discovered to contain a heap buffer overflow via ...	bullseye
	CVE-2023-2961	A segmentation fault flaw was found in the Advancecomp package. This m ...	bullseye
amarok	CVE-2020-13152	A remote user can create a specially crafted M3U file, media playlist ...	sid, trixie
amd64-microcode	CVE-2024-36348	A transient execution vulnerability in some AMD processors may allow a ...	bookworm, bullseye, sid, trixie
	CVE-2024-36349	A transient execution vulnerability in some AMD processors may allow a ...	bookworm, bullseye, sid, trixie
android-framework-23	CVE-2017-0752	A elevation of privilege vulnerability in the Android framework (windo ...	bullseye, sid
	CVE-2017-0822	An elevation of privilege vulnerability in the Android system (camera) ...	bullseye, sid
android-platform-frameworks-base	CVE-2021-39796	In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there ...	bookworm, bullseye, sid, trixie
	CVE-2022-20011	In getArray of NotificationManagerService.java , there is a possible l ...	bookworm, bullseye, sid, trixie
android-platform-frameworks-native	CVE-2015-3875	libutils in Android before 5.1.1 LMY48T allows remote attackers to exe ...	bookworm, bullseye, sid
	CVE-2015-6602	libutils in Android through 5.1.1 LMY48M allows remote attackers to ex ...	bookworm, bullseye, sid
	CVE-2015-6609	libutils in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allo ...	bookworm, bullseye, sid
android-platform-system-core	CVE-2012-5564	android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users t ...	bullseye
	CVE-2017-0841	A remote code execution vulnerability in the Android system (libutils) ...	bullseye
anjuta	CVE-2021-42522	There is a Information Disclosure vulnerability in anjuta/plugins/docu ...	bookworm, bullseye
ansible	CVE-2020-1734	A flaw was found in the pipe lookup plugin of ansible. Arbitrary comma ...	bookworm, bullseye, sid, trixie
	CVE-2020-1736	A flaw was found in Ansible Engine when a file is moved using atomic_m ...	bookworm, bullseye, sid, trixie
	CVE-2020-1738	A flaw was found in Ansible Engine when the module package or service ...	bookworm, bullseye, sid, trixie
ant	CVE-2021-36373	When reading a specially crafted TAR archive an Apache Ant build can b ...	bullseye
	CVE-2021-36374	When reading a specially crafted ZIP archive, or a derived formats, an ...	bullseye
apache2	CVE-2001-1534	mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's u ...	bookworm, bullseye, sid, trixie
	CVE-2003-1307	The mod_php module for the Apache HTTP Server allows local users with ...	bookworm, bullseye, sid, trixie
	CVE-2003-1580	The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ...	bookworm, bullseye, sid, trixie
	CVE-2003-1581	The Apache HTTP Server 2.0.44, when DNS resolution is enabled for clie ...	bookworm, bullseye, sid, trixie
	CVE-2007-0086	The Apache HTTP Server, when accessed through a TCP connection with a ...	bookworm, bullseye, sid, trixie
	CVE-2007-1743	suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combination ...	bookworm, bullseye, sid, trixie
	CVE-2007-3303	Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows loc ...	bookworm, bullseye, sid, trixie
	CVE-2008-0456	CRLF injection vulnerability in the mod_negotiation module in the Apac ...	bookworm, bullseye, sid, trixie
apparmor	CVE-2016-1585	In all versions of AppArmor mount rules are accidentally widened when ...	bookworm, bullseye
apt	CVE-2011-3374	It was found that apt-key in apt, all versions, do not correctly valid ...	bookworm, bullseye, sid, trixie
apt-setup	CVE-2005-2214	apt-setup in Debian GNU/Linux installs the apt.conf file with insecure ...	bookworm, bullseye, sid, trixie
arm-trusted-firmware	CVE-2022-47630	Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 ...	bookworm, bullseye
	CVE-2024-6285	Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-tr ...	bookworm, bullseye, sid, trixie
	CVE-2024-6287	Incorrect Calculation vulnerability in Renesas arm-trusted-firmware al ...	bookworm, bullseye, sid, trixie
asn1c	CVE-2017-12966	The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1 ...	bookworm, bullseye, sid, trixie
	CVE-2020-23910	Stack-based buffer overflow vulnerability in asn1c through v0.9.28 via ...	bookworm, bullseye, sid, trixie
	CVE-2020-23911	An issue was discovered in asn1c through v0.9.28. A NULL pointer deref ...	bookworm, bullseye, sid, trixie
asterisk	CVE-2024-57520	Insecure Permissions vulnerability in asterisk v22 allows a remote att ...	bullseye
audiofile	CVE-2022-24599	In autofile Audio File Library 0.3.6, there exists one memory leak vul ...	bullseye
awffull	CVE-2007-0510	Multiple buffer overflows in (1) graphs.c, (2) output.c, and (3) prese ...	bookworm, bullseye, sid, trixie
awstats	CVE-2018-10245	A Full Path Disclosure vulnerability in AWStats through 7.6 allows rem ...	bookworm, bullseye, sid, trixie
axis	CVE-2007-2353	Apache Axis 1.0 allows remote attackers to obtain sensitive informatio ...	bookworm, bullseye, sid, trixie
	CVE-2019-0227	A Server Side Request Forgery (SSRF) vulnerability affected the Apache ...	bookworm, bullseye, sid, trixie
bash	TEMP-0841856-B18BAF	Privilege escalation possible to other user than root	bookworm, bullseye, sid, trixie
bash-completion	CVE-2018-7738	In util-linux before 2.32-rc1, bash-completion/umount allows local use ...	bookworm, bullseye, sid, trixie
beaker	CVE-2013-7489	The Beaker library through 1.11.0 for Python is affected by deserializ ...	bookworm, bullseye, sid, trixie
berkeley-abc	CVE-2025-45333	berkeley-abc abc 1.1 contains a Null Pointer Dereference (NPD) vulnera ...	bookworm, bullseye
binaryen	CVE-2021-45290	A Denial of Service vulnerability exits in Binaryen 103 due to an asse ...	bullseye
	CVE-2021-45293	A Denial of Service vulnerability exists in Binaryen 103 due to an Inv ...	bullseye
	CVE-2021-46048	A Denial of Service vulnerability exists in Binaryen 104 due to an ass ...	bookworm, bullseye, sid, trixie
	CVE-2021-46050	A Stack Overflow vulnerability exists in Binaryen 103 via the printf_c ...	bookworm, bullseye, sid, trixie
	CVE-2021-46052	A Denial of Service vulnerability exists in Binaryen 104 due to an ass ...	bookworm, bullseye, sid, trixie
	CVE-2021-46053	A Denial of Service vulnerability exists in Binaryen 103. The program ...	bookworm, bullseye, sid, trixie
	CVE-2021-46054	A Denial of Service vulnerability exists in Binaryen 104 due to an ass ...	bookworm, bullseye, sid, trixie
	CVE-2021-46055	A Denial of Service vulnerability exists in Binaryen 104 due to an ass ...	bookworm, bullseye, sid, trixie
binutils	CVE-2017-13716	The C++ symbol demangler routine in cplus-dem.c in libiberty, as distr ...	bookworm, bullseye, sid, trixie
	CVE-2018-9996	An issue was discovered in cplus-dem.c in GNU libiberty, as distribute ...	bookworm, bullseye, sid, trixie
	CVE-2018-20673	The demangle_template function in cplus-dem.c in GNU libiberty, as dis ...	bookworm, bullseye, sid, trixie
	CVE-2018-20712	A heap-based buffer over-read exists in the function d_expression_1 in ...	bookworm, bullseye, sid, trixie
	CVE-2019-1010204	GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is aff ...	bullseye
	CVE-2020-19726	An issue was discovered in binutils libbfd.c 2.36 relating to the auxi ...	bullseye
	CVE-2020-35448	An issue was discovered in the Binary File Descriptor (BFD) library (a ...	bullseye
	CVE-2021-3530	A flaw was discovered in GNU libiberty within demangle_path() in rust- ...	bullseye
	CVE-2021-3549	An out of bounds flaw was found in GNU binutils objdump utility versio ...	bullseye
	CVE-2021-3826	Heap/stack buffer overflow in the dlang_lname function in d-demangle.c ...	bullseye
	CVE-2021-20197	There is an open race window when writing output in the following util ...	bullseye
	CVE-2021-20284	A flaw was found in GNU Binutils 2.35.1, where there is a heap-based b ...	bullseye
	CVE-2021-32256	An issue was discovered in GNU libiberty, as distributed in GNU Binuti ...	bookworm, bullseye, sid, trixie
	CVE-2021-45078	stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows ...	bullseye
	CVE-2021-46174	Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump ...	bullseye
	CVE-2021-46195	GCC v12.0 was discovered to contain an uncontrolled recursion via the ...	bullseye
	CVE-2022-4285	An illegal memory access flaw was found in the binutils package. Parsi ...	bullseye
	CVE-2022-35205	An issue was discovered in Binutils readelf 2.38.50, reachable asserti ...	bullseye
	CVE-2022-35206	Null pointer dereference vulnerability in Binutils readelf 2.38.50 via ...	bullseye
	CVE-2022-38533	In GNU Binutils before 2.40, there is a heap-buffer-overflow in the er ...	bullseye
	CVE-2022-44840	Heap buffer overflow vulnerability in binutils readelf before 2.40 via ...	bullseye
	CVE-2022-45703	Heap buffer overflow vulnerability in binutils readelf before 2.40 via ...	bullseye
	CVE-2022-47007	An issue was discovered function stab_demangle_v3_arg in stabs.c in Bi ...	bullseye
	CVE-2022-47008	An issue was discovered function make_tempdir, and make_tempname in bu ...	bullseye
	CVE-2022-47010	An issue was discovered function pr_function_type in prdbg.c in Binuti ...	bullseye
	CVE-2022-47011	An issue was discovered function parse_stab_struct_fields in stabs.c i ...	bullseye
	CVE-2022-47673	An issue was discovered in Binutils addr2line before 2.39.3, function ...	bullseye
	CVE-2022-47695	An issue was discovered Binutils objdump before 2.39.3 allows attacker ...	bullseye
	CVE-2022-47696	An issue was discovered Binutils objdump before 2.39.3 allows attacker ...	bullseye
	CVE-2022-48063	GNU Binutils before 2.40 was discovered to contain an excessive memory ...	bullseye
	CVE-2022-48064	GNU Binutils before 2.40 was discovered to contain an excessive memory ...	bullseye
	CVE-2022-48065	GNU Binutils before 2.40 was discovered to contain a memory leak vulne ...	bullseye
	CVE-2023-1579	Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64.	bullseye
	CVE-2023-1972	A potential heap based buffer overflow was found in _bfd_elf_slurp_ver ...	bookworm, bullseye
	CVE-2023-25584	An out-of-bounds read flaw was found in the parse_module function in b ...	bullseye
	CVE-2023-25585	A flaw was found in Binutils. The use of an uninitialized field in the ...	bullseye
	CVE-2023-25586	A flaw was found in Binutils. A logic fail in the bfd_init_section_dec ...	bullseye
	CVE-2023-25588	A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct i ...	bullseye
	CVE-2024-53589	GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary F ...	bookworm, bullseye
	CVE-2024-57360	https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incor ...	bookworm, bullseye
	CVE-2025-0840	A vulnerability, which was classified as problematic, was found in GNU ...	bookworm, bullseye
	CVE-2025-1147	A vulnerability has been found in GNU Binutils 2.43 and classified as ...	bookworm, bullseye, sid, trixie
	CVE-2025-1148	A vulnerability was found in GNU Binutils 2.43 and classified as probl ...	bookworm, bullseye, sid, trixie
	CVE-2025-1149	A vulnerability was found in GNU Binutils 2.43. It has been classified ...	bookworm, bullseye, sid, trixie
	CVE-2025-1150	A vulnerability was found in GNU Binutils 2.43. It has been declared a ...	bookworm, bullseye, sid, trixie
	CVE-2025-1151	A vulnerability was found in GNU Binutils 2.43. It has been rated as p ...	bookworm, bullseye, sid, trixie
	CVE-2025-1152	A vulnerability classified as problematic has been found in GNU Binuti ...	bookworm, bullseye, sid, trixie
	CVE-2025-1153	A vulnerability classified as problematic was found in GNU Binutils 2. ...	bookworm, bullseye, sid, trixie
	CVE-2025-1176	A vulnerability was found in GNU Binutils 2.43 and classified as criti ...	bookworm, bullseye, sid, trixie
	CVE-2025-1178	A vulnerability was found in GNU Binutils 2.43. It has been declared a ...	bookworm, bullseye, sid, trixie
	CVE-2025-1179	A vulnerability was found in GNU Binutils 2.43. It has been rated as c ...	bookworm, bullseye
	CVE-2025-1180	A vulnerability classified as problematic has been found in GNU Binuti ...	bookworm, bullseye, sid, trixie
	CVE-2025-1181	A vulnerability classified as critical was found in GNU Binutils 2.43. ...	bookworm, bullseye, sid, trixie
	CVE-2025-1182	A vulnerability, which was classified as critical, was found in GNU Bi ...	bookworm, bullseye, sid, trixie
	CVE-2025-3198	A vulnerability has been found in GNU Binutils 2.43/2.44 and classifie ...	bookworm, bullseye, sid, trixie
	CVE-2025-5244	A vulnerability was found in GNU Binutils up to 2.44. It has been rate ...	bookworm, bullseye, sid, trixie
	CVE-2025-5245	A vulnerability classified as critical has been found in GNU Binutils ...	bookworm, bullseye, sid, trixie
	CVE-2025-7545	A vulnerability classified as problematic was found in GNU Binutils 2. ...	bookworm, bullseye, sid, trixie
	CVE-2025-7546	A vulnerability, which was classified as problematic, has been found i ...	bookworm, bullseye, sid, trixie
binwalk	CVE-2021-4287	A vulnerability, which was classified as problematic, was found in ReF ...	bullseye
blender	CVE-2005-3151	Buffer overflow in blenderplay in Blender Player 2.37a allows attacker ...	bookworm, bullseye, sid, trixie
	CVE-2009-3850	Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execut ...	bookworm, bullseye, sid, trixie
	CVE-2010-5105	The undo save quit routine in the kernel in Blender 2.5, 2.63a, and ea ...	bookworm, bullseye, sid, trixie
	CVE-2022-2832	A flaw was found in Blender 3.3.0. A null pointer dereference exists i ...	bookworm, bullseye, sid, trixie
	CVE-2022-2833	Endless Infinite loop in Blender-thumnailing due to logical bugs.	bullseye
bluez	CVE-2016-9797	In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" functio ...	bookworm, bullseye, sid, trixie
	CVE-2016-9798	In BlueZ 5.42, a use-after-free was identified in "conf_opt" function ...	bookworm, bullseye, sid, trixie
	CVE-2016-9799	In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" funct ...	bookworm, bullseye, sid, trixie
	CVE-2016-9800	In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" ...	bookworm, bullseye, sid, trixie
	CVE-2016-9801	In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" functi ...	bookworm, bullseye, sid, trixie
	CVE-2016-9802	In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" fun ...	bookworm, bullseye, sid, trixie
	CVE-2016-9803	In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" ...	bookworm, bullseye, sid, trixie
	CVE-2016-9804	In BlueZ 5.42, a buffer overflow was observed in "commands_dump" funct ...	bookworm, bullseye, sid, trixie
	CVE-2016-9917	In BlueZ 5.42, a buffer overflow was observed in "read_n" function in ...	bookworm, bullseye, sid, trixie
	CVE-2016-9918	In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump ...	bookworm, bullseye, sid, trixie
bochs	CVE-2007-2894	The emulated floppy disk controller in Bochs 2.3 allows local users of ...	bookworm, bullseye, sid, trixie
botan	CVE-2024-50382	Botan before 3.6.0, when certain LLVM versions are used, has compiler- ...	bookworm, bullseye
bpfcc	CVE-2024-2314	If kernel headers need to be extracted, bcc will attempt to load them ...	bookworm, bullseye
bpftrace	CVE-2024-2313	If kernel headers need to be extracted, bpftrace will attempt to load ...	bookworm, bullseye
brandy	CVE-2019-14662	Brandy 1.20.1 has a stack-based buffer overflow in fileio_openout in f ...	bullseye
	CVE-2019-14663	Brandy 1.20.1 has a stack-based buffer overflow in fileio_openin in fi ...	bullseye
	CVE-2019-14665	Brandy 1.20.1 has a heap-based buffer overflow in define_array in vari ...	bullseye
	CVE-2020-27372	A buffer overflow vulnerability exists in Brandy Basic V Interpreter 1 ...	bookworm, bullseye, sid, trixie
budgie-extras	CVE-2023-49347	Temporary data passed between application components by Budgie Extras ...	bookworm, bullseye
busybox	CVE-2018-1000500	Busybox contains a Missing SSL certificate validation vulnerability in ...	bookworm, bullseye, sid, trixie
	CVE-2021-42373	A NULL pointer dereference in Busybox's man applet leads to denial of ...	bullseye
	CVE-2021-42375	An incorrect handling of a special element in Busybox's ash applet lea ...	bullseye
	CVE-2021-42376	A NULL pointer dereference in Busybox's hush applet leads to denial of ...	bullseye
	CVE-2021-42377	An attacker-controlled pointer free in Busybox's hush applet leads to ...	bullseye
	CVE-2022-30065	A use-after-free in Busybox 1.35-x's awk applet leads to denial of ser ...	bookworm, bullseye
bwa	CVE-2019-11371	BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer Overflow vi ...	bookworm, bullseye, sid, trixie
byobu	CVE-2019-7306	Byobu Apport hook may disclose sensitive information since it automati ...	bookworm, bullseye, sid, trixie
byzanz	CVE-2015-2785	The GIF encoder in Byzanz allows remote attackers to cause a denial of ...	bookworm, bullseye, sid, trixie
bzip3	CVE-2023-29417	An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3_d ...	bookworm, sid, trixie
c-ares	CVE-2023-31124	c-ares is an asynchronous resolver library. When cross-compiling c-are ...	bookworm, bullseye
	CVE-2023-31147	c-ares is an asynchronous resolver library. When /dev/urandom or RtlGe ...	bookworm, bullseye
cacti	CVE-2020-7058	data_input.php in Cacti 1.2.8 allows remote code execution via a craft ...	bookworm, bullseye, sid, trixie
	CVE-2022-48538	In Cacti 1.2.19, there is an authentication bypass in the web login fu ...	bullseye
cadaver	CVE-2009-3560	The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ...	bookworm, bullseye, sid, trixie
	CVE-2009-3720	The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ...	bookworm, bullseye, sid, trixie
cairo	CVE-2018-18064	cairo through 1.15.14 has an out-of-bounds stack-memory write during p ...	bookworm, bullseye, sid, trixie
catdoc	CVE-2018-20451	The process_file function in reader.c in libdoc through 2017-10-23 has ...	bookworm, bullseye, sid, trixie
	CVE-2018-20453	The getlong function in numutils.c in libdoc through 2017-10-23 has a ...	bookworm, bullseye, sid, trixie
	CVE-2019-7156	In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows divi ...	bookworm, bullseye, sid, trixie
	CVE-2019-7233	In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer ...	bookworm, bullseye, sid, trixie
	CVE-2023-31979	Catdoc v0.95 was discovered to contain a global buffer overflow via th ...	bookworm, bullseye, sid, trixie
	CVE-2023-41633	Catdoc v0.95 was discovered to contain a NULL pointer dereference via ...	bookworm, bullseye, sid, trixie
	CVE-2023-46345	Catdoc v0.95 was discovered to contain a NULL pointer dereference via ...	bookworm, bullseye, sid, trixie
cflow	CVE-2019-16165	GNU cflow through 1.6 has a use-after-free in the reference function i ...	bullseye
	CVE-2019-16166	GNU cflow through 1.6 has a heap-based buffer over-read in the nexttok ...	bullseye
	CVE-2020-23856	Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, ...	bullseye
	CVE-2023-2789	A vulnerability was found in GNU cflow 1.7. It has been rated as probl ...	bookworm, bullseye, sid, trixie
chafa	CVE-2022-1507	chafa: NULL Pointer Dereference in function gif_internal_decode_frame ...	bullseye
	CVE-2022-2061	Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior ...	bullseye
	CVE-2022-2301	Buffer Over-read in GitHub repository hpjansson/chafa prior to 1.10.3.	bullseye
checkinstall	CVE-2020-25031	checkinstall 1.6.2, when used to create a package that contains a syml ...	bookworm, bullseye, sid, trixie
cifs-utils	CVE-2014-2830	Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils ...	bookworm, bullseye, sid, trixie
cimg	CVE-2018-7587	An issue was discovered in CImg v.220. DoS occurs when loading a craft ...	bookworm, bullseye, sid, trixie
civetweb	CVE-2020-27304	The CivetWeb web library does not validate uploaded filepaths when run ...	bullseye
ckeditor	CVE-2023-4771	A Cross-Site scripting vulnerability has been found in CKSource CKEdit ...	bookworm, bullseye, sid
	CVE-2024-43411	CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. ...	sid
ckeditor3	CVE-2018-17960	CKEditor 4.x before 4.11.0 allows user-assisted XSS involving a source ...	bookworm, bullseye
	CVE-2024-24816	CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. ...	bookworm, bullseye
clementine	CVE-2018-14332	An issue was discovered in Clementine Music Player 1.3.1. Clementine.e ...	bookworm, bullseye, sid, trixie
	CVE-2021-40826	Clementine Music Player through 1.3.1 is vulnerable to a User Mode Wri ...	bookworm, bullseye, sid, trixie
	CVE-2021-40827	Clementine Music Player through 1.3.1 (when a GLib 2.0.0 DLL is used) ...	bookworm, bullseye, sid, trixie
coin3	CVE-2009-3560	The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ...	bookworm, bullseye, sid, trixie
	CVE-2009-3720	The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ...	bookworm, bullseye, sid, trixie
colord	CVE-2021-42523	There are two Information Disclosure vulnerabilities in colord, and th ...	bullseye
colpack	CVE-2024-55566	ColPack 1.0.10 through 9a7293a has a predictable temporary file (locat ...	bookworm, bullseye, sid, trixie
configobj	CVE-2023-26112	All versions of the package configobj are vulnerable to Regular Expres ...	bookworm, bullseye
context	CVE-2017-17513	TeX Live through 20170524 does not validate strings before launching t ...	bookworm, bullseye, sid, trixie
coreboot	CVE-2022-29264	An issue was discovered in coreboot 4.13 through 4.16. On APs, arbitra ...	bookworm, sid, trixie
coreutils	CVE-2017-18018	In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does no ...	bookworm, bullseye, sid, trixie
	CVE-2025-5278	A flaw was found in GNU Coreutils. The sort utility's begfield() funct ...	bookworm, bullseye, sid, trixie
courier	CVE-2004-2313	Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error message ...	bookworm, bullseye, sid, trixie
	CVE-2005-1308	SqWebMail allows remote attackers to inject arbitrary web script or HT ...	bookworm, bullseye, sid, trixie
cppcheck	CVE-2023-39070	An issue in Cppcheck 2.12 dev allows a local attacker to execute arbit ...	bookworm, bullseye, sid, trixie
crasm	CVE-2023-23108	In crasm 1.8-3, invalid input validation, specific files passed to the ...	bookworm, bullseye, sid, trixie
	CVE-2023-23109	In crasm 1.8-3, invalid input validation, specific files passed to the ...	bookworm, bullseye, sid, trixie
ctn	CVE-2008-5146	add-accession-numbers in ctn 3.0.6 allows local users to overwrite arb ...	bookworm, bullseye, sid, trixie
cups	CVE-2014-8166	The browsing feature in the server in CUPS does not filter ANSI escape ...	bookworm, bullseye, sid, trixie
curl	CVE-2021-22922	When curl is instructed to download content using the metalink feature ...	bullseye
	CVE-2021-22923	When curl is instructed to get content using the metalink feature, and ...	bullseye
	CVE-2023-28320	A denial of service vulnerability exists in curl <v8.1.0 in the way li ...	bullseye
	CVE-2024-2379	libcurl skips the certificate verification for a QUIC connection under ...	bookworm, bullseye
	CVE-2025-0725	When libcurl is asked to perform automatic gzip decompression of conte ...	bookworm, bullseye
cvc5	CVE-2024-37794	Improper input validation in CVC5 Solver v1.1.3 allows attackers to ca ...	bookworm, sid, trixie
	CVE-2024-37795	A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a ...	bookworm, sid, trixie
db4o	CVE-2012-6550	Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 ...	bookworm, bullseye
	CVE-2013-1808	Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and Zero ...	bookworm, bullseye
	CVE-2014-1869	Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.s ...	bookworm, bullseye
dcraw	CVE-2018-19565	A buffer over-read in crop_masked_pixels in dcraw through 9.28 could b ...	bookworm, bullseye, sid, trixie
	CVE-2018-19566	A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could ...	bookworm, bullseye, sid, trixie
	CVE-2018-19567	A floating point exception in parse_tiff_ifd in dcraw through 9.28 cou ...	bookworm, bullseye, sid, trixie
	CVE-2018-19568	A floating point exception in kodak_radc_load_raw in dcraw through 9.2 ...	bookworm, bullseye, sid, trixie
dia	CVE-2019-19451	When GNOME Dia before 2019-11-27 is launched with a filename argument ...	bullseye
dillo	TEMP-0560108-565B70	browser-based css info disclosure	bookworm, bullseye, sid, trixie
dlt-daemon	CVE-2021-29507	GENIVI Diagnostic Log and Trace (DLT) provides a log and trace interfa ...	bullseye
dmg2img	CVE-2021-3548	A flaw was found in dmg2img through 20170502. dmg2img did not validate ...	bookworm, bullseye, sid, trixie
	CVE-2021-32614	A flaw was found in dmg2img through 20170502. fill_mishblk() does not ...	bookworm, bullseye, sid, trixie
dmidecode	CVE-2023-30630	Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This ...	bookworm, bullseye
dnsmasq	CVE-2021-45951	Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (ca ...	bookworm, bullseye, sid, trixie
	CVE-2021-45952	Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called fr ...	bookworm, bullseye, sid, trixie
	CVE-2021-45953	Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called ...	bookworm, bullseye, sid, trixie
	CVE-2021-45954	Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called ...	bookworm, bullseye, sid, trixie
	CVE-2021-45955	Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called ...	bookworm, bullseye, sid, trixie
	CVE-2021-45956	Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called fro ...	bookworm, bullseye, sid, trixie
	CVE-2021-45957	Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (calle ...	bookworm, bullseye, sid, trixie
	CVE-2023-49441	dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.	bullseye
dnstracer	CVE-2017-9430	Stack-based buffer overflow in dnstracer through 1.9 allows attackers ...	bookworm, bullseye, sid, trixie
dogtag-pki	CVE-2015-0234	Multiple temporary file creation vulnerabilities in pki-core 10.2.0.	bullseye
dokuwiki	CVE-2016-7964	The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php ...	bookworm, bullseye
	CVE-2016-7965	DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the ...	bookworm, bullseye
	CVE-2024-33103	An arbitrary file upload vulnerability in the Media Manager component ...	bookworm, bullseye, sid, trixie
dovecot	CVE-2008-4870	dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedor ...	bookworm, bullseye, sid, trixie
dpic	CVE-2021-32421	dpic 2021.01.01 has a Heap Use-After-Free in thedeletestringbox() func ...	bullseye
	CVE-2021-32422	dpic 2021.01.01 has a Global buffer overflow in theyylex() function in ...	bullseye
	CVE-2021-33390	dpic 2021.04.10 has a use-after-free in thedeletestringbox() function ...	bullseye
dpkg-cross	CVE-2008-4950	gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary ...	bookworm, bullseye, sid, trixie
duo-unix	CVE-2020-12135	bson before 0.8 incorrectly uses int rather than size_t for many varia ...	bookworm, bullseye, sid, trixie
elfutils	CVE-2021-33294	In elfutils 0.183, an infinite loop was found in the function handle_s ...	bullseye
	CVE-2024-25260	elfutils v0.189 was discovered to contain a NULL pointer dereference v ...	bookworm, bullseye, sid, trixie
	CVE-2025-1352	A vulnerability has been found in GNU elfutils 0.192 and classified as ...	bookworm, bullseye, sid, trixie
	CVE-2025-1365	A vulnerability, which was classified as critical, was found in GNU el ...	bookworm, bullseye, sid, trixie
	CVE-2025-1371	A vulnerability has been found in GNU elfutils 0.192 and classified as ...	bookworm, bullseye, sid, trixie
	CVE-2025-1372	A vulnerability was found in GNU elfutils 0.192. It has been declared ...	bookworm, bullseye, sid, trixie
	CVE-2025-1376	A vulnerability classified as problematic was found in GNU elfutils 0. ...	bookworm, bullseye, sid, trixie
	CVE-2025-1377	A vulnerability, which was classified as problematic, has been found i ...	bookworm, bullseye, sid, trixie
epiphany-browser	CVE-2007-1084	Mozilla Firefox 2.0.0.1 and earlier does not prompt users before savin ...	bookworm, bullseye, sid, trixie
	CVE-2014-3566	The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ...	bookworm, bullseye, sid, trixie
	TEMP-0560108-565B70	browser-based css info disclosure	bookworm, bullseye, sid, trixie
erlang	CVE-2009-0130	lib/crypto/c_src/crypto_drv.c in erlang does not properly check the re ...	bookworm, bullseye, sid, trixie
	CVE-2016-1000107	inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1 ...	bookworm, bullseye, sid, trixie
etcd	CVE-2022-34038	Etcd v3.5.4 allows remote attackers to cause a denial of service via f ...	bookworm, bullseye, sid, trixie
evolution	CVE-2007-1266	Evolution 2.8.1 and earlier does not properly use the --status-fd argu ...	bookworm, bullseye, sid, trixie
	CVE-2011-3201	GNOME Evolution before 3.2.3 allows user-assisted remote attackers to ...	bookworm, bullseye, sid, trixie
	CVE-2013-4166	The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNO ...	bookworm, bullseye, sid, trixie
	CVE-2017-17689	The S/MIME specification allows a Cipher Block Chaining (CBC) malleabi ...	bookworm, bullseye, sid, trixie
	CVE-2021-3349	GNOME Evolution through 3.38.3 produces a "Valid signature" message fo ...	bookworm, bullseye, sid, trixie
exif	CVE-2021-27815	NULL Pointer Deference in the exif command line tool, when printing ou ...	bullseye
exiftags	CVE-2024-42851	Buffer Overflow vulnerability in open source exiftags v.1.01 allows a ...	bookworm, bullseye, sid, trixie
exiv2	CVE-2018-14338	samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realp ...	bookworm, bullseye, sid, trixie
	CVE-2020-18773	An invalid memory access in the decode function in iptc.cpp of Exiv2 0 ...	bookworm, bullseye, sid, trixie
	CVE-2020-18774	A float point exception in the printLong function in tags_int.cpp of E ...	bookworm, bullseye, sid, trixie
	CVE-2020-18898	A stack exhaustion issue in the printIFDStructure function of Exiv2 0. ...	bookworm, bullseye, sid, trixie
expat	CVE-2013-0340	expat 2.1.0 and earlier does not properly handle entities expansion un ...	bullseye
	CVE-2023-52426	libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DT ...	bookworm, bullseye
	CVE-2024-28757	libexpat through 2.6.1 allows an XML Entity Expansion attack when ther ...	bookworm, bullseye
faust	CVE-2021-32275	An issue was discovered in faust through v2.30.5. A NULL pointer deref ...	bookworm, bullseye, sid, trixie
	CVE-2021-41736	Faust v2.35.0 was discovered to contain a heap-buffer overflow in the ...	bookworm, bullseye, sid, trixie
	CVE-2021-41737	In Faust 2.23.1, an input file with the lines "// r visualisation tCst ...	bookworm, bullseye, sid, trixie
	CVE-2023-37770	faust commit ee39a19 was discovered to contain a stack overflow via th ...	bookworm, bullseye, sid, trixie
fdkaac	CVE-2022-36148	fdkaac commit 53fe239 was discovered to contain a floating point excep ...	bookworm, bullseye
	CVE-2022-37781	fdkaac v1.0.3 was discovered to contain a heap buffer overflow via __i ...	bookworm, bullseye
	CVE-2023-34823	fdkaac before 1.0.5 was discovered to contain a stack overflow in read ...	bookworm, bullseye
	CVE-2023-34824	fdkaac before 1.0.5 was discovered to contain a heap buffer overflow i ...	bookworm, bullseye
ffmpeg	CVE-2020-22038	A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...	bullseye
fig2dev	CVE-2025-46397	In xfig diagramming tool, a stack-overflowwhile running fig2dev allows ...	bookworm
	CVE-2025-46398	In xfig diagramming tool, a stack-overflow while running fig2dev allow ...	bookworm
	CVE-2025-46399	A flaw was found in fig2dev. This vulnerability allows availability vi ...	bookworm
	CVE-2025-46400	In xfig diagramming tool, a segmentation fault while running fig2dev a ...	bookworm
firefox	CVE-2004-1639	Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows re ...	sid
	CVE-2005-2395	Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the ...	sid
	CVE-2005-4685	Firefox and Mozilla can associate a cookie with multiple domains when ...	sid
	CVE-2019-12383	Tor Browser before 8.0.1 has an information exposure vulnerability. It ...	sid
	CVE-2023-5217	Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior ...	sid
firefox-esr	CVE-2019-12383	Tor Browser before 8.0.1 has an information exposure vulnerability. It ...	bookworm, bullseye, sid, trixie
	CVE-2023-5217	Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior ...	bookworm, sid, trixie
firehol	CVE-2008-4953	firehol in firehol 1.256 allows local users to overwrite arbitrary fil ...	bookworm, bullseye, sid, trixie
flask-caching	CVE-2021-33026	The Flask-Caching extension through 1.10.1 for Flask relies on Pickle ...	bookworm, bullseye, sid, trixie
flex	CVE-2019-6293	An issue was discovered in the function mark_beginning_as_normal in nf ...	bookworm, bullseye, sid, trixie
flintqs	CVE-2023-29465	SageMath FlintQS 1.0 relies on pathnames under TMPDIR (typically world ...	bookworm, bullseye, sid, trixie
flvmeta	CVE-2023-36243	FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xml ...	bookworm, bullseye
fontforge	CVE-2017-11570	FontForge 20161012 is vulnerable to a buffer over-read in umodenc (par ...	bookworm, bullseye, sid, trixie
	CVE-2017-11573	FontForge 20161012 is vulnerable to a buffer over-read in ValidatePost ...	bookworm, bullseye, sid, trixie
	CVE-2017-17521	uiutil.c in FontForge through 20170731 does not validate strings befor ...	bookworm, bullseye, sid, trixie
foomatic-filters	CVE-2011-2923	foomatic-rip filter, all versions, used insecurely creates temporary f ...	bookworm, bullseye, sid, trixie
	TEMP-0000000-ACBC4C	buffer overflows in init_cups	bookworm, bullseye, sid, trixie
freeglut	CVE-2024-24258	freeglut 3.4.0 was discovered to contain a memory leak via the menuEnt ...	bookworm, bullseye, sid, trixie
	CVE-2024-24259	freeglut through 3.4.0 was discovered to contain a memory leak via the ...	bookworm, bullseye, sid, trixie
freeipa	CVE-2015-5179	FreeIPA might display user data improperly via vectors involving non-p ...	bookworm, sid, trixie
	CVE-2017-12169	It was found that FreeIPA 4.2.0 and later could disclose password hash ...	bookworm, sid, trixie
	CVE-2019-14826	A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies ...	bookworm, sid, trixie
	CVE-2023-5455	A Cross-site request forgery vulnerability exists in ipa/session/login ...	bookworm
	CVE-2024-2698	A vulnerability was found in FreeIPA in how the initial implementation ...	bookworm
	CVE-2024-3183	A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ ...	bookworm
freeradius	CVE-2019-10143	It was discovered freeradius up to and including version 3.0.19 does n ...	bookworm, bullseye
freetype	CVE-2022-31782	ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based bu ...	bullseye
frr	CVE-2020-12831	An issue was discovered in FRRouting FRR (aka Free Range Routing) thro ...	bookworm, bullseye, sid, trixie
ganglia-web	CVE-2019-20378	ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via th ...	bookworm, bullseye, sid, trixie
	CVE-2019-20379	ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via th ...	bookworm, bullseye, sid, trixie
gcc-10	CVE-2023-4039	DISPUTEDA failure in the -fstack-protector feature in GCC-based to ...	bullseye, bookworm
gcc-12	CVE-2022-27943	libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in ...	bookworm, sid, trixie
gcc-9	CVE-2023-4039	DISPUTEDA failure in the -fstack-protector feature in GCC-based to ...	bullseye
gcc-mingw-w64	CVE-2016-4973	Binaries compiled against targets that use the libssp library in GCC f ...	bookworm, bullseye, sid, trixie
gdal	CVE-2025-29480	Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker t ...	bookworm, bullseye, sid, trixie
gdb	CVE-2014-8501	The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutil ...	bookworm, bullseye, sid, trixie
	CVE-2023-39128	GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack o ...	bookworm, bullseye, sid, trixie
	CVE-2023-39129	GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap us ...	bookworm, bullseye, sid, trixie
	CVE-2023-39130	GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap bu ...	bookworm, bullseye, sid, trixie
gedit	CVE-2017-14108	libgedit.a in GNOME gedit through 3.22.1 allows remote attackers to ca ...	bookworm, bullseye, sid, trixie
gegl	CVE-2018-10111	An issue was discovered in GEGL through 0.3.32. The render_rectangle f ...	bookworm, bullseye, sid, trixie
	CVE-2018-10112	An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_ ...	bookworm, bullseye, sid, trixie
geomview	CVE-2017-17530	common/help.c in Geomview 1.9.5 does not validate strings before launc ...	bookworm, bullseye, sid, trixie
gerbv	CVE-2021-40400	An out-of-bounds read vulnerability exists in the RS-274X aperture mac ...	bullseye
	CVE-2021-40402	An out-of-bounds read vulnerability exists in the RS-274X aperture mac ...	bookworm, bullseye, sid, trixie
	CVE-2023-4508	A user able to control file input to Gerbv, between versions 2.4.0 and ...	bookworm, bullseye
ghostscript	CVE-2022-1350	A vulnerability classified as problematic was found in GhostPCL 9.55.0 ...	bullseye
	CVE-2023-38560	An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_ ...	bookworm, bullseye
	CVE-2024-29511	Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, ha ...	bookworm, bullseye
	CVE-2025-48708	gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscri ...	bookworm, bullseye
ghostwriter	CVE-2022-39209	cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...	bullseye
giac	CVE-2017-17526	Input.cc in Bernard Parisse Giac 1.2.3.57 does not validate strings be ...	bookworm, bullseye, sid, trixie
gif2apng	CVE-2021-45907	An issue was discovered in gif2apng 1.9. There is a stack-based buffer ...	bullseye
	CVE-2021-45908	An issue was discovered in gif2apng 1.9. There is a stack-based buffer ...	bullseye
giflib	CVE-2020-23922	An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif ...	bookworm, bullseye
	CVE-2021-40633	A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5 ...	bookworm, bullseye
	CVE-2022-28506	There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RG ...	bookworm, bullseye
	CVE-2023-39742	giflib v5.2.1 was discovered to contain a segmentation fault via the c ...	bookworm, bullseye, sid, trixie
	CVE-2023-48161	Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows ...	bookworm, bullseye
	CVE-2024-45993	Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2 ...	bookworm, bullseye, sid, trixie
gifsicle	CVE-2020-19752	The find_color_or_error function in gifsicle 1.92 contains a NULL poin ...	bullseye
	CVE-2023-36193	Gifsicle v1.9.3 was discovered to contain a heap buffer overflow via t ...	bookworm, bullseye
	CVE-2023-44821	Gifsicle through 1.94, if deployed in a way that allows untrusted inpu ...	bookworm, bullseye, sid, trixie
	CVE-2023-46009	gifsicle-1.94 was found to have a floating point exception (FPE) vulne ...	bookworm, bullseye, sid, trixie
giftrans	CVE-2021-45972	The giftrans function in giftrans 1.12.2 contains a stack-based buffer ...	bookworm, bullseye, sid, trixie
gimp	CVE-2012-4245	The scriptfu network server in GIMP 2.6 does not require authenticatio ...	bookworm, bullseye, sid, trixie
	CVE-2018-12713	GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary f ...	bookworm, bullseye
	CVE-2022-30067	GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a ...	bullseye
	CVE-2022-32990	An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allow ...	bullseye
git	CVE-2018-1000021	GIT version 2.15.1 and earlier contains a Input Validation Error vulne ...	bookworm, bullseye, sid, trixie
	CVE-2022-24975	The --mirror documentation for Git through 2.35.1 does not mention the ...	bookworm, bullseye, sid, trixie
	CVE-2024-52005	Git is a source code management tool. When cloning from a server (or f ...	bookworm, bullseye, sid, trixie
glance	CVE-2013-4354	The API before 2.1 in OpenStack Image Registry and Delivery Service (G ...	bookworm, bullseye, sid, trixie
	CVE-2015-8234	The image signature algorithm in OpenStack Glance 11.0.0 allows remote ...	bookworm, bullseye, sid, trixie
	CVE-2016-4383	The glance-manage db in all versions of HPE Helion Openstack Glance al ...	bookworm, bullseye, sid, trixie
	CVE-2016-8611	A vulnerability was found in Openstack Glance. No limits are enforced ...	bookworm, bullseye, sid, trixie
glib2.0	CVE-2012-0039	GLib 2.31.8 and earlier, when the g_str_hash function is used, compute ...	bookworm, bullseye, sid, trixie
glibc	CVE-2010-4756	The glob implementation in the GNU C Library (aka glibc or libc6) allo ...	bookworm, bullseye, sid, trixie
	CVE-2018-20796	In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limi ...	bookworm, bullseye, sid, trixie
	CVE-2019-9192	In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limi ...	bookworm, bullseye, sid, trixie
	CVE-2019-1010022	GNU Libc current is affected by: Mitigation bypass. The impact is: Att ...	bookworm, bullseye, sid, trixie
	CVE-2019-1010023	GNU Libc current is affected by: Re-mapping current loaded library wit ...	bookworm, bullseye, sid, trixie
	CVE-2019-1010024	GNU Libc current is affected by: Mitigation bypass. The impact is: Att ...	bookworm, bullseye, sid, trixie
	CVE-2019-1010025	GNU Libc current is affected by: Mitigation bypass. The impact is: Att ...	bookworm, bullseye, sid, trixie
glslang	CVE-2025-3010	A vulnerability, which was classified as problematic, has been found i ...	bookworm, bullseye, sid, trixie
gnome-keyring	CVE-2018-19358	GNOME Keyring through 3.28.2 allows local users to retrieve login cred ...	bookworm, bullseye, sid, trixie
gnome-remote-desktop	CVE-2022-1736	Ubuntu's configuration of gnome-control-center allowed Remote Desktop ...	bullseye
gnome-settings-daemon	CVE-2024-38394	Mismatches in interpreting USB authorization policy between GNOME Sett ...	bookworm, bullseye, sid, trixie
gnumail	CVE-2007-1269	GNUMail 1.1.2 and earlier does not properly use the --status-fd argume ...	bookworm, bullseye, sid, trixie
gnupg1	CVE-2018-6829	cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt mess ...	bookworm, bullseye, sid, trixie
	CVE-2019-14855	A flaw was found in the way certificate signatures could be forged usi ...	bookworm, bullseye, sid, trixie
gnupg2	CVE-2022-3219	GnuPG can be made to spin on a relatively small input by (for example) ...	bookworm, bullseye, sid, trixie
gnuplot	CVE-2020-25412	com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write ...	bookworm, bullseye
	CVE-2020-25559	gnuplot 5.5 is affected by double free when executing print_set_output ...	bookworm, bullseye
	CVE-2020-25969	gnuplot v5.5 was discovered to contain a buffer overflow via the funct ...	bookworm, bullseye
	CVE-2025-3359	A flaw was found in GNUPlot. A segmentation fault via IO_str_init_stat ...	bookworm, bullseye, sid, trixie
	CVE-2025-31176	A flaw was found in gnuplot. The plot3d_points() function may lead to ...	bookworm, bullseye, sid, trixie
	CVE-2025-31177	gnuplot is affected by a heap buffer overflow at function utf8_copy_on ...	bookworm, bullseye, sid, trixie
	CVE-2025-31178	A flaw was found in gnuplot. The GetAnnotateString() function may lead ...	bookworm, bullseye, sid, trixie
	CVE-2025-31179	A flaw was found in gnuplot. The xstrftime() function may lead to a se ...	bookworm, bullseye, sid, trixie
	CVE-2025-31180	A flaw was found in gnuplot. The CANVAS_text() function may lead to a ...	bookworm, bullseye, sid, trixie
	CVE-2025-31181	A flaw was found in gnuplot. The X11_graphics() function may lead to a ...	bookworm, bullseye, sid, trixie
gnutls28	CVE-2011-3389	The SSL protocol, as used in certain configurations in Microsoft Windo ...	bookworm, bullseye, sid, trixie
gocr	CVE-2021-33479	A stack-based buffer overflow vulnerability was discovered in gocr thr ...	bookworm, bullseye, sid, trixie
	CVE-2021-33480	An use-after-free vulnerability was discovered in gocr through 0.53-20 ...	bookworm, bullseye, sid, trixie
	CVE-2021-33481	A stack-based buffer overflow vulnerability was discovered in gocr thr ...	bookworm, bullseye, sid, trixie
golang-1.15	CVE-2020-29509	The encoding/xml package in Go (all versions) does not correctly prese ...	bullseye
	CVE-2020-29510	The encoding/xml package in Go versions 1.15 and earlier does not corr ...	bullseye
	CVE-2020-29511	The encoding/xml package in Go (all versions) does not correctly prese ...	bullseye
	CVE-2022-41716	Due to unsanitized NUL values, attackers may be able to maliciously se ...	bullseye
	CVE-2022-41720	On Windows, restricted files can be accessed via os.DirFS and http.Dir ...	bullseye
	CVE-2022-41722	A path traversal vulnerability exists in filepath.Clean on Windows. On ...	bullseye
	CVE-2023-45283	The filepath package does not recognize paths with a \??\ prefix as sp ...	bullseye
	CVE-2023-45284	On Windows, The IsLocal function does not correctly detect reserved de ...	bullseye
golang-1.19	CVE-2023-45283	The filepath package does not recognize paths with a \??\ prefix as sp ...	bookworm
	CVE-2023-45284	On Windows, The IsLocal function does not correctly detect reserved de ...	bookworm
golang-github-blevesearch-bleve	CVE-2022-31022	Bleve is a text indexing library for go. Bleve includes HTTP utilities ...	bullseye
golang-github-containers-buildah	CVE-2022-4122	A vulnerability was found in buildah. Incorrect following of symlinks ...	bookworm, bullseye, sid, trixie
	CVE-2022-4123	A flaw was found in Buildah. The local path and the lowest subdirector ...	bookworm, bullseye, sid, trixie
golang-github-lucas-clemente-quic-go	CVE-2022-30591	quic-go through 0.27.0 allows remote attackers to cause a denial of se ...	bookworm, bullseye, sid, trixie
golang-go.crypto	CVE-2022-30636	httpTokenCacheKey uses path.Base to extract the expected HTTP-01 token ...	bullseye
google-perftools	CVE-2018-13420	Google gperftools 2.7 has a memory leak in malloc_extension.cc, relate ...	bookworm, bullseye, sid, trixie
gpac	CVE-2022-43254	GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a mem ...	bullseye
gpw	CVE-2011-4931	gpw generates shorter passwords than required	bookworm, bullseye, sid, trixie
graphicsmagick	CVE-2017-13736	There are lots of memory leaks in the GMCommand function in magick/com ...	bookworm, bullseye, sid, trixie
graphviz	CVE-2019-11023	The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39. ...	bookworm, bullseye, sid, trixie
	CVE-2023-46045	Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read vi ...	bookworm, bullseye
grub	CVE-2008-3896	Grub Legacy 0.97 and earlier stores pre-boot authentication passwords ...	bookworm, bullseye, sid, trixie
	CVE-2023-4949	An attacker with local access to a system (either through a disk or ex ...	bookworm, bullseye, sid, trixie
gsoap	CVE-2021-21783	A code execution vulnerability exists in the WS-Addressing plugin func ...	bookworm, bullseye, sid, trixie
gssproxy	CVE-2020-12658	gssproxy (aka gss-proxy) before 0.8.3 does not unlock cond_mutex befor ...	bookworm, bullseye, sid, trixie
h2database	CVE-2022-45868	The web-based admin console in H2 Database Engine before 2.2.220 can b ...	bookworm, bullseye, sid, trixie
hamster-time-tracker	CVE-2023-36250	CSV Injection vulnerability in GNOME time tracker version 3.0.2, allow ...	bookworm, bullseye, sid, trixie
haskell-tls	CVE-2011-3389	The SSL protocol, as used in certain configurations in Microsoft Windo ...	bookworm, bullseye, sid, trixie
hdf5	CVE-2017-17507	In HDF5 1.10.1, there is an out of bounds read vulnerability in the fu ...	bookworm, bullseye
	CVE-2018-13869	An issue was discovered in the HDF HDF5 1.8.20 library. There is a mem ...	bullseye
	CVE-2018-13870	An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...	bullseye
	CVE-2018-14031	An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...	bookworm, bullseye
	CVE-2018-14033	An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...	bookworm, bullseye
	CVE-2018-14034	An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ...	bookworm, bullseye, sid, trixie
	CVE-2018-14035	An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...	bookworm, bullseye, sid, trixie
	CVE-2018-14460	An issue was discovered in the HDF HDF5 1.8.20 library. There is a hea ...	bullseye
	CVE-2018-15671	An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stac ...	bookworm, bullseye, sid, trixie
	CVE-2018-16438	An issue was discovered in the HDF HDF5 1.8.20 library. There is an ou ...	bookworm, bullseye
	CVE-2018-17432	A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in ...	bullseye
	CVE-2018-17433	A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the ...	bookworm, bullseye, sid, trixie
	CVE-2018-17435	A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the ...	bullseye
	CVE-2018-17436	ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allo ...	bookworm, bullseye, sid, trixie
	CVE-2018-17439	An issue was discovered in the HDF HDF5 1.10.3 library. There is a sta ...	bookworm, bullseye
	CVE-2019-8397	An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...	bookworm, bullseye, sid, trixie
	CVE-2019-9151	An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...	bookworm, bullseye, sid, trixie
	CVE-2019-9152	An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...	bookworm, bullseye, sid, trixie
	CVE-2020-10809	An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ...	bookworm, bullseye, sid, trixie
	CVE-2020-10810	An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ...	bullseye
	CVE-2020-10811	An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ...	bullseye
	CVE-2020-10812	An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ...	bookworm, bullseye, sid, trixie
	CVE-2020-18232	Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1 ...	bookworm, bullseye, sid, trixie
	CVE-2020-18494	Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1 ...	bookworm, bullseye, sid, trixie
	CVE-2021-37501	Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1 ...	bookworm, bullseye
	CVE-2021-45829	HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denia ...	bookworm, bullseye, sid, trixie
	CVE-2021-45830	A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via ...	bookworm, bullseye
	CVE-2021-45832	A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at ...	bookworm, bullseye, sid, trixie
	CVE-2021-45833	A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 vi ...	bookworm, bullseye
	CVE-2021-46242	HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the ...	bookworm, bullseye
	CVE-2021-46243	An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1- ...	bookworm, bullseye, sid, trixie
	CVE-2021-46244	A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the functi ...	bookworm, bullseye
	CVE-2025-6269	A vulnerability classified as critical was found in HDF5 up to 1.14.6. ...	bookworm, bullseye, sid, trixie
	CVE-2025-6270	A vulnerability, which was classified as critical, has been found in H ...	bookworm, bullseye, sid, trixie
	CVE-2025-6516	A vulnerability has been found in HDF5 up to 1.14.6 and classified as ...	bookworm, bullseye, sid, trixie
	CVE-2025-6817	A vulnerability, which was classified as problematic, has been found i ...	bookworm, bullseye, sid, trixie
	CVE-2025-6818	A vulnerability, which was classified as problematic, was found in HDF ...	bookworm, bullseye, sid, trixie
	CVE-2025-6856	A vulnerability, which was classified as problematic, was found in HDF ...	bookworm, bullseye, sid, trixie
	CVE-2025-6857	A vulnerability has been found in HDF5 1.14.6 and classified as proble ...	bookworm, bullseye, sid, trixie
	CVE-2025-6858	A vulnerability was found in HDF5 1.14.6 and classified as problematic ...	bookworm, bullseye, sid, trixie
	CVE-2025-7068	A vulnerability, which was classified as problematic, has been found i ...	bookworm, bullseye, sid, trixie
	CVE-2025-7069	A vulnerability, which was classified as problematic, was found in HDF ...	bookworm, bullseye, sid, trixie
	CVE-2025-44904	hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the ...	bookworm, bullseye, sid, trixie
	CVE-2025-44905	hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the ...	bookworm, bullseye, sid, trixie
heat	CVE-2024-7319	An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensi ...	bookworm, sid, trixie
hex-a-hop	TEMP-0528250-2E3658	hex-a-hop: buffer overflow in loading save games	bookworm, bullseye, sid, trixie
hiredis	CVE-2021-32765	Hiredis is a minimalistic C client library for the Redis database. In ...	bullseye
horizon-eda	CVE-2021-21897	A code execution vulnerability exists in the DL_Dxf::handleLWPolylineD ...	bookworm, bullseye, sid, trixie
hoteldruid	CVE-2024-23091	Weak password hashing using MD5 in funzioni.php in HotelDruid before 1 ...	bookworm, bullseye, sid
htmldoc	CVE-2021-34119	A flaw was discovered in htmodoc 1.9.12 in function parse_paragraph in ...	bullseye
	CVE-2021-34121	An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function par ...	bullseye
	CVE-2022-0137	A heap buffer overflow in image_set_mask function of HTMLDOC before 1. ...	bullseye
	CVE-2022-34033	HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_h ...	bullseye
	CVE-2022-34035	HTMLDoc v1.9.12 and below was discovered to contain a heap overflow vi ...	bullseye
htslib	CVE-2018-14329	In HTSlib 1.8, a race condition in cram/cram_io.c might allow local us ...	bookworm, bullseye, sid, trixie
httpie	CVE-2023-48052	Missing SSL certificate validation in HTTPie v3.2.2 allows attackers t ...	bookworm, sid, trixie
hugin	CVE-2024-25442	An issue in the HuginBase::PanoramaMemento::loadPTScript function of H ...	bookworm, bullseye
	CVE-2024-25443	An issue in the HuginBase::ImageVariable<double>::linkWith function of ...	bookworm, bullseye
	CVE-2024-25445	Improper handling of values in HuginBase::PTools::Transform::transform ...	bookworm, bullseye
	CVE-2024-25446	An issue in the HuginBase::PTools::setDestImage function of Hugin v202 ...	bookworm, bullseye
icecast2	CVE-2005-0837	IceCast 2.20 allows remote attackers to bypass the XSL parser and obta ...	bookworm, bullseye, sid, trixie
	CVE-2005-0838	Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow ...	bookworm, bullseye, sid, trixie
icedtea-web	CVE-2015-5236	It was discovered that the IcedTea-Web used codebase attribute of the ...	bookworm, bullseye, sid, trixie
imagemagick	CVE-2005-0406	A design flaw in image processing software that modifies JPEG images m ...	bookworm, bullseye, sid, trixie
	CVE-2008-3134	Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 al ...	bookworm, bullseye, sid, trixie
	CVE-2016-8678	The IsPixelMonochrome function in MagickCore/pixel-accessor.h in Image ...	bookworm, bullseye, sid, trixie
	CVE-2017-7275	The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allow ...	bookworm, bullseye, sid, trixie
	CVE-2017-11754	The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 al ...	bookworm, bullseye, sid, trixie
	CVE-2017-11755	The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 al ...	bookworm, bullseye, sid, trixie
	CVE-2018-15607	In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x3 ...	bookworm, bullseye, sid, trixie
	CVE-2021-20311	A flaw was found in ImageMagick in versions before 7.0.11, where a div ...	bookworm, bullseye
	CVE-2023-34152	A vulnerability was found in ImageMagick. This security flaw cause a r ...	bookworm, bullseye, sid, trixie
in-toto	CVE-2023-32076	in-toto is a framework to protect supply chain integrity. The in-toto ...	bookworm, bullseye
influxdb	CVE-2022-36640	influxData influxDB before v1.8.10 contains no authentication mechanis ...	bookworm, bullseye, sid, trixie
iniparser	CVE-2023-33461	iniparser v4.1 is vulnerable to NULL Pointer Dereference in function i ...	bookworm, bullseye
	CVE-2025-0633	Heap-based Buffer Overflow vulnerability ininiparser_dumpsection_ini() ...	bookworm, bullseye
initramfs-tools	CVE-2008-4996	init in initramfs-tools 0.92f allows local users to overwrite arbitrar ...	bookworm, bullseye, sid, trixie
ioquake3	CVE-2019-1010043	Quake3e < 5ed740d is affected by: Buffer Overflow. The impact is: Poss ...	bookworm, bullseye, sid, trixie
ippsample	CVE-2023-24808	PDFio is a C library for reading and writing PDF files. In versions pr ...	bookworm, sid
	CVE-2023-28428	PDFio is a C library for reading and writing PDF files. In versions 1. ...	bookworm, sid
	CVE-2024-42358	PDFio is a simple C library for reading and writing PDF files. There i ...	bookworm, sid
iptables	CVE-2012-2663	extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP S ...	bookworm, bullseye, sid, trixie
iptraf-ng	CVE-2024-52949	iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, th ...	bookworm, bullseye, sid, trixie
iputils	CVE-2025-47268	ping in iputils through 20240905 allows a denial of service (applicati ...	bookworm, bullseye, sid, trixie
jackrabbit	CVE-2023-37895	Java object deserialization issue in Jackrabbit webapp/standalone on a ...	bookworm, bullseye
jakarta-el-api	CVE-2021-28170	In the Jakarta Expression Language implementation 3.0.3 and earlier, a ...	bookworm, bullseye, sid, trixie
janino	CVE-2023-33546	Janino 3.1.9 and earlier are subject to denial of service (DOS) attack ...	bookworm, bullseye, sid, trixie
jansson	CVE-2020-36325	An issue was discovered in Jansson through 2.13.1. Due to a parsing er ...	bookworm, bullseye, sid, trixie
janus	CVE-2021-4124	janus-gateway is vulnerable to Improper Neutralization of Input During ...	bookworm, sid
jbig2dec	CVE-2023-46361	Artifex Software jbig2dec v0.20 was discovered to contain a SEGV vulne ...	bookworm, bullseye, sid, trixie
jbigkit	CVE-2017-9937	In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A cr ...	bookworm, bullseye, sid, trixie
jetty9	CVE-2024-6763	Eclipse Jetty is a lightweight, highly scalable, Java-based web server ...	bookworm, bullseye, sid, trixie
jhead	CVE-2020-6624	jhead through 3.04 has a heap-based buffer over-read in process_DQT in ...	bookworm, bullseye, sid, trixie
	CVE-2020-6625	jhead through 3.04 has a heap-based buffer over-read in Get32s when ca ...	bookworm, bullseye, sid, trixie
	CVE-2020-28840	Buffer Overflow vulnerability in jpgfile.c in Matthias-Wandel jhead ve ...	bullseye
	CVE-2021-28275	A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to ...	bullseye
	CVE-2021-28276	A Denial of Service vulnerability exists in jhead 3.04 and 3.05 via a ...	bullseye
	CVE-2021-28277	A Heap-based Buffer Overflow vulnerabilty exists in jhead 3.04 and 3.0 ...	bullseye
	CVE-2021-28278	A Heap-based Buffer Overflow vulnerability exists in jhead 3.04 and 3. ...	bullseye
	CVE-2024-2824	A vulnerability was found in Matthias-Wandel jhead 3.08 and classified ...	bookworm, bullseye, sid, trixie
jinja2	CVE-2019-8341	An issue was discovered in Jinja2 2.10. The from_string function is pr ...	bookworm, bullseye, sid, trixie
joblib	CVE-2024-34997	joblib v1.4.2 was discovered to contain a deserialization vulnerabilit ...	bookworm, bullseye, sid, trixie
jpeg-xl	CVE-2021-36691	libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image ...	bookworm, sid, trixie
jpegoptim	CVE-2022-32325	JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation wh ...	bookworm, bullseye, sid, trixie
	CVE-2023-27781	jpegoptim v1.5.2 was discovered to contain a heap overflow in the opti ...	bookworm, bullseye, sid, trixie
jq	CVE-2024-23337	jq is a command-line JSON processor. In versions up to and including 1 ...	bookworm, bullseye
jquery-goodies	CVE-2022-23395	jQuery Cookie 1.4.1 is affected by prototype pollution, which can lead ...	bookworm, bullseye, sid, trixie
json-glib	TEMP-0772585-D41D8C		bookworm, bullseye, sid, trixie
jsonpickle	CVE-2020-22083	jsonpickle through 1.4.1 allows remote code execution during deseriali ...	bookworm, bullseye, sid, trixie
jupyter-server	CVE-2023-49080	The Jupyter Server provides the backend (i.e. the core services, APIs, ...	bookworm, bullseye
jython	CVE-2017-17522	Lib/webbrowser.py in Python through 3.6.3 does not validate strings be ...	bookworm, bullseye, sid, trixie
keepalived	CVE-2024-41184	In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived th ...	bookworm, bullseye
keepass2	CVE-2019-20184	KeePass 2.4.1 allows CSV injection in the title field of a CSV export.	bookworm, bullseye, sid, trixie
	CVE-2023-32784	In KeePass 2.x before 2.54, it is possible to recover the cleartext ma ...	bookworm, bullseye, sid, trixie
kiwi	CVE-2017-17532	examples/framework/news/news3.py in Kiwi 1.9.22 does not validate stri ...	bookworm, sid
knot-resolver	CVE-2022-32983	Knot Resolver through 5.5.1 may allow DNS cache poisoning when there i ...	bookworm, bullseye, sid, trixie
krb5	CVE-2018-5709	An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The ...	bookworm, bullseye, sid, trixie
	CVE-2024-26458	Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/r ...	bookworm, bullseye, sid, trixie
	CVE-2024-26461	Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ...	bookworm, bullseye, sid, trixie
lbreakout2	TEMP-0608980-E8B8DF	Crash with long HOME environment variable	bookworm, bullseye
lcms2	CVE-2025-29070	A heap buffer overflow vulnerability has been identified in thesmooth2 ...	bookworm, bullseye, sid, trixie
leocad	CVE-2021-31804	LeoCAD before 21.03 sometimes allows a use-after-free during the openi ...	bookworm, bullseye, sid, trixie
libao	CVE-2017-11548	The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 a ...	bookworm, bullseye, sid, trixie
libapache-poi-java	CVE-2016-5000	The XLSX2CSV example in Apache POI before 3.14 allows remote attackers ...	bookworm, bullseye, sid, trixie
	CVE-2019-12415	In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to conv ...	bookworm, bullseye, sid, trixie
libarchive	CVE-2023-30571	Libarchive through 3.6.2 can cause directories to have world-writable ...	bookworm, bullseye, sid, trixie
	CVE-2025-1632	A vulnerability was found in libarchive up to 3.7.7. It has been class ...	bookworm, bullseye
	CVE-2025-25724	list_item_verbose in tar/util.c in libarchive through 3.7.7 does not c ...	bookworm, bullseye
libbpf	CVE-2025-29481	Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker ...	bookworm, bullseye
libbson-xs-perl	CVE-2025-40906	BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbso ...	bookworm, bullseye
libcaca	CVE-2022-0856	libcaca is affected by a Divide By Zero issue via img2txt, which allow ...	bookworm, bullseye, sid, trixie
libcommons-collections4-java	CVE-2015-7501	Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data G ...	bookworm, bullseye, sid, trixie
libcommons-fileupload-java	CVE-2016-1000031	Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation ...	bookworm, bullseye, sid, trixie
libcrypt-cbc-perl	CVE-2025-2814	Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand() ...	bookworm, bullseye, sid, trixie
libcrypto++	CVE-2016-7420	Crypto++ (aka cryptopp) through 5.6.4 does not document the requiremen ...	bookworm, bullseye, sid, trixie
libdata-uuid-perl	CVE-2013-4184	Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink a ...	bookworm, bullseye
libesmtp	CVE-2019-19977	libESMTP through 1.0.6 mishandles domain copying into a fixed-size buf ...	bookworm, bullseye, sid, trixie
libfwsi	CVE-2019-17263	In libyal libfwsi before 20191006, libfwsi_extension_block_copy_from_b ...	bookworm, bullseye, sid, trixie
libgadu	CVE-2013-4488	libgadu before 1.12.0 does not verify X.509 certificates from SSL serv ...	bookworm, bullseye, sid, trixie
libgcrypt20	CVE-2018-6829	cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt mess ...	bookworm, bullseye, sid, trixie
	CVE-2024-2236	A timing-based side-channel flaw was found in libgcrypt's RSA implemen ...	bookworm, bullseye, sid, trixie
libgd2	CVE-2021-40145	gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) throu ...	bullseye
libgda5	CVE-2021-39359	In GNOME libgda through 6.0.0, gda-web-provider.c does not enable TLS ...	bookworm, bullseye
libgig	CVE-2018-14449	An issue was discovered in libgig 4.1.0. There is an out of bounds rea ...	bookworm, bullseye, sid, trixie
	CVE-2018-14450	An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ...	bookworm, bullseye, sid, trixie
	CVE-2018-14451	An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...	bookworm, bullseye, sid, trixie
	CVE-2018-14452	An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ...	bookworm, bullseye, sid, trixie
	CVE-2018-14453	An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...	bookworm, bullseye, sid, trixie
	CVE-2018-14454	An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ...	bookworm, bullseye, sid, trixie
	CVE-2018-14455	An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ...	bookworm, bullseye, sid, trixie
	CVE-2018-14456	An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ...	bookworm, bullseye, sid, trixie
	CVE-2018-14457	An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ...	bookworm, bullseye, sid, trixie
	CVE-2018-14458	An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...	bookworm, bullseye, sid, trixie
	CVE-2018-14459	An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ...	bookworm, bullseye, sid, trixie
	CVE-2018-18192	An issue was discovered in libgig 4.1.0. There is a NULL pointer deref ...	bookworm, bullseye, sid, trixie
	CVE-2018-18193	An issue was discovered in libgig 4.1.0. There is operator new[] failu ...	bookworm, bullseye, sid, trixie
	CVE-2018-18194	An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...	bookworm, bullseye, sid, trixie
	CVE-2018-18195	An issue was discovered in libgig 4.1.0. There is an FPE (divide-by-ze ...	bookworm, bullseye, sid, trixie
	CVE-2018-18196	An issue was discovered in libgig 4.1.0. There is a heap-based buffer ...	bookworm, bullseye, sid, trixie
	CVE-2018-18197	An issue was discovered in libgig 4.1.0. There is an operator new[] fa ...	bookworm, bullseye, sid, trixie
	CVE-2021-32294	An issue was discovered in libgig through 20200507. A heap-buffer-over ...	bookworm, bullseye, sid, trixie
libglvnd	CVE-2023-45924	libglxproto.c in OpenGL libglvnd bb06db5a was discovered to contain a ...	bookworm, bullseye, sid, trixie
libheif	CVE-2023-49463	libheif v1.17.5 was discovered to contain a segmentation violation via ...	bookworm, bullseye
	CVE-2024-25269	libheif <= 1.17.6 contains a memory leak in the function JpegEncoder:: ...	bookworm, bullseye
libhttp-tiny-perl	CVE-2023-31486	HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ...	bookworm
libjgroups-java	CVE-2016-2141	It was found that JGroups did not require necessary headers for encryp ...	bookworm, bullseye, sid, trixie
libjpeg	CVE-2022-31620	In libjpeg before 1.64, BitStream<false>::Get in bitstream.hpp has an ...	bullseye
	CVE-2022-31796	libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRe ...	bullseye
	CVE-2022-32201	In libjpeg 1.63, there is a NULL pointer dereference in Component::Sub ...	bullseye
	CVE-2022-32202	In libjpeg 1.63, there is a NULL pointer dereference in LineBuffer::Fe ...	bullseye
	CVE-2022-32978	There is an assertion failure in SingleComponentLSScan::ParseMCU in si ...	bullseye
	CVE-2022-35166	libjpeg commit 842c7ba was discovered to contain an infinite loop via ...	bookworm, bullseye, sid, trixie
	CVE-2022-37768	libjpeg commit 281daa9 was discovered to contain an infinite loop via ...	bullseye
	CVE-2022-37770	libjpeg commit 281daa9 was discovered to contain a segmentation fault ...	bullseye
	CVE-2023-37836	libjpeg commit db33a6e was discovered to contain a reachable assertion ...	bookworm, bullseye
	CVE-2023-37837	libjpeg commit db33a6e was discovered to contain a heap buffer overflo ...	bookworm, bullseye
libjpeg6b	CVE-2016-3616	The cjpeg utility in libjpeg allows remote attackers to cause a denial ...	sid
liblnk	CVE-2019-17263	In libyal libfwsi before 20191006, libfwsi_extension_block_copy_from_b ...	bookworm, bullseye, sid, trixie
	CVE-2019-17264	In libyal liblnk before 20191006, liblnk_location_information_read_dat ...	bookworm, bullseye, sid, trixie
	CVE-2019-17401	libyal liblnk 20191006 has a heap-based buffer over-read in the networ ...	bookworm, bullseye, sid, trixie
liblouis	CVE-2023-26767	Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remo ...	bookworm, bullseye
	CVE-2023-26768	Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remo ...	bookworm, bullseye
	CVE-2023-26769	Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 all ...	bookworm, bullseye
libmatio	CVE-2019-20019	An attempted excessive memory allocation was discovered in Mat_VarRead ...	bookworm, bullseye, sid, trixie
libmetadata-extractor-java	CVE-2022-24613	metadata-extractor up to 2.16.0 can throw various uncaught exceptions ...	bookworm, bullseye, sid, trixie
	CVE-2022-24614	When reading a specially crafted JPEG file, metadata-extractor up to 2 ...	bookworm, bullseye, sid, trixie
libokhttp-java	CVE-2018-20200	CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the- ...	bookworm, bullseye, sid, trixie
libpam-krb5	CVE-2023-3326	pam_krb5 authenticates a user by essentially running kinit with the pa ...	bookworm, bullseye, sid, trixie
libpcap	CVE-2023-7256	In affected libpcap versions during the setup of a remote packet captu ...	bookworm, bullseye
	CVE-2024-8006	Remote packet capture support is disabled by default in libpcap. When ...	bookworm, bullseye
libphp-adodb	CVE-2006-4976	The Date Library in John Lim ADOdb Library for PHP allows remote attac ...	bookworm, bullseye, sid, trixie
	CVE-2011-3699	John Lim ADOdb Library for PHP 5.11 allows remote attackers to obtain ...	bookworm, bullseye, sid, trixie
libpng1.6	CVE-2019-6129	png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as ...	bullseye
	CVE-2021-4214	A heap overflow flaw was found in libpngs' pngimage.c program. This fl ...	bookworm, bullseye, sid, trixie
libpodofo	CVE-2018-20797	An issue was discovered in PoDoFo 0.9.6. There is an attempted excessi ...	bookworm, bullseye, sid, trixie
	CVE-2020-18972	Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v ...	bookworm, bullseye, sid, trixie
libquicktime	CVE-2017-12143	In libquicktime 1.2.4, an allocation failure was found in the function ...	bookworm, bullseye, sid, trixie
	CVE-2017-12145	In libquicktime 1.2.4, an allocation failure was found in the function ...	bookworm, bullseye, sid, trixie
libraw	CVE-2020-24890	libraw 20.0 has a null pointer dereference vulnerability in parse_tiff ...	bookworm, bullseye, sid, trixie
librecad	CVE-2021-21897	A code execution vulnerability exists in the DL_Dxf::handleLWPolylineD ...	bookworm, bullseye, sid, trixie
	CVE-2023-30259	A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 ...	bookworm, bullseye
libreoffice	CVE-2012-5639	LibreOffice and OpenOffice automatically open embedded content	bookworm, bullseye, sid, trixie
	CVE-2018-10583	An information disclosure vulnerability occurs when LibreOffice 6.0.3 ...	bookworm, bullseye, sid, trixie
libreswan	CVE-2018-5389	The Internet Key Exchange v1 main mode is vulnerable to offline dictio ...	bookworm, bullseye, sid, trixie
libsass	CVE-2019-18797	LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sas ...	bookworm, bullseye, sid, trixie
libslirp	CVE-2020-7211	tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ ...	bookworm, bullseye, sid, trixie
libspring-java	CVE-2021-22060	In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older ...	bookworm, bullseye, sid, trixie
	CVE-2021-22096	In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older ...	bookworm, bullseye, sid, trixie
	CVE-2022-22950	n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versi ...	bookworm, bullseye, sid, trixie
	CVE-2022-22965	A Spring MVC or Spring WebFlux application running on JDK 9+ may be vu ...	bookworm, bullseye, sid, trixie
	CVE-2022-22968	In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older ...	bookworm, bullseye, sid, trixie
	CVE-2022-22970	In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ...	bookworm, bullseye, sid, trixie
	CVE-2022-22971	In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ...	bookworm, bullseye, sid, trixie
	CVE-2023-20860	Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using ...	bookworm, bullseye, sid, trixie
	CVE-2023-20861	In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELE ...	bookworm, bullseye, sid, trixie
	CVE-2023-20863	In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0 ...	bookworm, bullseye, sid, trixie
	CVE-2024-22243	Applications that use UriComponentsBuilderto parse an externally provi ...	bookworm, bullseye, sid, trixie
	CVE-2024-22259	Applications that use UriComponentsBuilder in Spring Frameworkto parse ...	bookworm, bullseye, sid, trixie
	CVE-2024-22262	Applications that use UriComponentsBuilderto parse an externally provi ...	bookworm, bullseye, sid, trixie
	CVE-2024-38807	Applications that use spring-boot-loaderor spring-boot-loader-classica ...	bookworm, bullseye, sid, trixie
	CVE-2024-38808	In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported vers ...	bookworm, bullseye, sid, trixie
	CVE-2024-38809	Applications that parse ETags from "If-Match" or "If-None-Match" reque ...	bookworm, bullseye, sid, trixie
	CVE-2024-38816	Applications serving static resources through the functional web frame ...	bookworm, bullseye, sid, trixie
	CVE-2024-38819	Applications serving static resources through the functional web frame ...	bookworm, bullseye, sid, trixie
	CVE-2024-38820	The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...	bookworm, bullseye, sid, trixie
	CVE-2024-38828	Spring MVC controller methods with an @RequestBody byte[]method parame ...	bookworm, bullseye, sid, trixie
	CVE-2024-38829	A vulnerability in Spring LDAP allows data exposure for case sensitive ...	bookworm, bullseye, sid, trixie
	CVE-2025-22233	CVE-2024-38820 ensured Locale-independent, lowercase conversion for bo ...	bookworm, bullseye, sid, trixie
libstb	CVE-2022-27938	stb_image.h (aka the stb image loader) 2.19, as used in libsixel and o ...	bookworm, bullseye, sid, trixie
	CVE-2022-28048	STB v2.27 was discovered to contain an integer shift of invalid size i ...	bookworm, bullseye
libtheora	CVE-2024-56431	oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 71 ...	bookworm, bullseye
libvncserver	CVE-2019-15680	TightVNC code version 1.3.10 contains null pointer dereference in Hand ...	bookworm, bullseye, sid, trixie
libvpx	CVE-2017-0641	A remote denial of service vulnerability in libvpx in Mediaserver coul ...	bookworm, bullseye, sid, trixie
libvterm	CVE-2018-20786	libvterm through 0+bzr726, as used in Vim and other products, mishandl ...	bookworm, bullseye, sid, trixie
libwmf	CVE-2007-3476	Array index error in gd_gif_in.c in the GD Graphics Library (libgd) be ...	bookworm, bullseye, sid, trixie
	CVE-2007-3477	The (a) imagearc and (b) imagefilledarc functions in GD Graphics Libra ...	bookworm, bullseye, sid, trixie
	CVE-2007-3996	Multiple integer overflows in libgd in PHP before 5.2.4 allow remote a ...	bookworm, bullseye, sid, trixie
	CVE-2009-3546	The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5. ...	bookworm, bullseye, sid, trixie
	TEMP-0601525-BEBB65	libgd2: gdImageColorTransparent can write outside buffer	bookworm, bullseye, sid, trixie
libxerces2-java	CVE-2012-0881	Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to ca ...	bookworm, bullseye, sid, trixie
libxml2	CVE-2024-34459	An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2. ...	bullseye
	CVE-2025-6170	A flaw was found in the interactive shell of the xmllint command-line ...	bookworm, bullseye, sid, trixie
libxslt	CVE-2015-9019	In libxslt 1.1.29 and earlier, the EXSLT math.random function was not ...	bookworm, bullseye, sid, trixie
	CVE-2023-40403	The issue was addressed with improved memory handling. This issue is f ...	bookworm, bullseye, sid, trixie
libxsmm	CVE-2018-20543	There is an attempted excessive memory allocation at libxsmm_sparse_cs ...	bookworm, sid, trixie
libxstream-java	CVE-2022-40151	Those using Xstream to seralize XML data may be vulnerable to Denial o ...	bookworm, bullseye, sid, trixie
linux	CVE-2004-0230	TCP, when using a large Window Size, makes it easier for remote attack ...	bookworm, bullseye, sid, trixie
	CVE-2005-3660	Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service ...	bookworm, bullseye, sid, trixie
	CVE-2007-3719	The process scheduler in the Linux kernel 2.6.16 gives preference to " ...	bookworm, bullseye, sid, trixie
	CVE-2008-2544	Mounting /proc filesystem via chroot command silently mounts it in rea ...	bookworm, bullseye, sid, trixie
	CVE-2008-4609	The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, ...	bookworm, bullseye, sid, trixie
	CVE-2010-4563	The Linux kernel, when using IPv6, allows remote attackers to determin ...	bookworm, bullseye, sid, trixie
	CVE-2010-5321	Memory leak in drivers/media/video/videobuf-core.c in the videobuf sub ...	bookworm, bullseye, sid, trixie
	CVE-2011-4915	fs/proc/base.c in the Linux kernel through 3.1 allows local users to o ...	bookworm, bullseye, sid, trixie
	CVE-2011-4916	Linux kernel through 3.1 allows local users to obtain sensitive keystr ...	bookworm, bullseye, sid, trixie
	CVE-2011-4917	In the Linux kernel through 3.1 there is an information disclosure iss ...	bookworm, bullseye, sid, trixie
	CVE-2012-4542	block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly c ...	bookworm, bullseye, sid, trixie
	CVE-2014-9892	The snd_compr_tstamp function in sound/core/compress_offload.c in the ...	bookworm, bullseye, sid, trixie
	CVE-2014-9900	The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel ...	bookworm, bullseye, sid, trixie
	CVE-2015-2877	Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x d ...	bookworm, bullseye, sid, trixie
	CVE-2016-8660	The XFS subsystem in the Linux kernel through 4.8.2 allows local users ...	bookworm, bullseye, sid, trixie
	CVE-2016-10723	An issue was discovered in the Linux kernel through 4.17.2. Since the ...	bookworm, bullseye, sid, trixie
	CVE-2017-0630	An information disclosure vulnerability in the kernel trace subsystem ...	bookworm, bullseye, sid, trixie
	CVE-2017-13693	The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils. ...	bookworm, bullseye, sid, trixie
	CVE-2017-13694	The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobje ...	bookworm, bullseye, sid, trixie
	CVE-2018-1121	procps-ng, procps is vulnerable to a process hiding through race condi ...	bookworm, bullseye, sid, trixie
	CVE-2018-17977	The Linux kernel 4.14.67 mishandles certain interaction among XFRM Net ...	bookworm, bullseye, sid, trixie
	CVE-2019-11191	The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and i ...	bookworm, bullseye, sid, trixie
	CVE-2019-12378	An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c ...	bookworm, bullseye, sid, trixie
	CVE-2019-12379	An issue was discovered in con_insert_unipair in drivers/tty/vt/consol ...	bookworm, bullseye, sid, trixie
	CVE-2019-12380	DISPUTED An issue was discovered in the efi subsystem in the Linux ...	bookworm, bullseye, sid, trixie
	CVE-2019-12381	An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in ...	bookworm, bullseye, sid, trixie
	CVE-2019-12382	An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/d ...	bookworm, bullseye, sid, trixie
	CVE-2019-12455	An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/c ...	bookworm, bullseye, sid, trixie
	CVE-2019-12456	An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in ...	bookworm, bullseye, sid, trixie
	CVE-2019-16229	drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 ...	bookworm, bullseye, sid, trixie
	CVE-2019-16230	drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 doe ...	bookworm, bullseye, sid, trixie
	CVE-2019-16231	drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check ...	bookworm, bullseye, sid, trixie
	CVE-2019-16232	drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5. ...	bookworm, bullseye, sid, trixie
	CVE-2019-16233	drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not chec ...	bookworm, bullseye, sid, trixie
	CVE-2019-16234	drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5. ...	bookworm, bullseye, sid, trixie
	CVE-2019-19070	A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio ...	bookworm, bullseye, sid, trixie
	CVE-2019-19378	In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image ...	bookworm, bullseye, sid, trixie
	CVE-2020-11725	snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5 ...	bookworm, bullseye, sid, trixie
	CVE-2020-35501	A flaw was found in the Linux kernels implementation of audit rules, w ...	bookworm, bullseye, sid, trixie
	CVE-2021-3714	A flaw was found in the Linux kernels memory deduplication mechanism. ...	bookworm, bullseye, sid, trixie
	CVE-2021-26934	An issue was discovered in the Linux kernel 4.18 through 5.10.16, as u ...	bookworm, bullseye, sid, trixie
	CVE-2021-32078	An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/perso ...	bullseye
	CVE-2022-0400	An out-of-bounds read vulnerability was discovered in linux kernel in ...	bookworm, bullseye, sid, trixie
	CVE-2022-1247	An issue found in linux-kernel that leads to a race condition in rose_ ...	bookworm, bullseye, sid, trixie
	CVE-2022-2961	A use-after-free flaw was found in the Linux kernel\u2019s PLP Rose fu ...	bookworm, bullseye, sid, trixie
	CVE-2022-3238	A double-free flaw was found in the Linux kernel\u2019s NTFS3 subsyste ...	bookworm, sid, trixie
	CVE-2022-4543	A flaw named "EntryBleed" was found in the Linux Kernel Page Table Iso ...	bookworm, bullseye, sid, trixie
	CVE-2022-25265	In the Linux kernel through 5.16.10, certain binary files may have the ...	bookworm, bullseye, sid, trixie
	CVE-2022-41848	drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 ...	bookworm, bullseye, sid, trixie
	CVE-2022-44032	An issue was discovered in the Linux kernel through 6.0.6. drivers/cha ...	bookworm, bullseye, sid, trixie
	CVE-2022-44033	An issue was discovered in the Linux kernel through 6.0.6. drivers/cha ...	bookworm, bullseye, sid, trixie
	CVE-2022-44034	An issue was discovered in the Linux kernel through 6.0.6. drivers/cha ...	bookworm, bullseye
	CVE-2022-45884	An issue was discovered in the Linux kernel through 6.0.9. drivers/med ...	bookworm, bullseye, sid, trixie
	CVE-2022-45885	An issue was discovered in the Linux kernel through 6.0.9. drivers/med ...	bookworm, bullseye, sid, trixie
	CVE-2023-3640	A possible unauthorized memory access flaw was found in the Linux kern ...	bookworm, bullseye, sid, trixie
	CVE-2023-4134	A use-after-free vulnerability was found in the cyttsp4_core driver in ...	bookworm, bullseye
	CVE-2023-6610	An out-of-bounds read vulnerability was found in smb2_dump_detail in f ...	bullseye
	CVE-2023-22995	In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_regis ...	bullseye
	CVE-2023-23000	In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles t ...	bullseye
	CVE-2023-23003	In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check ...	bullseye
	CVE-2023-23039	An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers ...	bookworm, bullseye, sid, trixie
	CVE-2023-26242	afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the ...	bookworm, bullseye, sid, trixie
	CVE-2023-31081	An issue was discovered in drivers/media/test-drivers/vidtv/vidtv_brid ...	bookworm, bullseye, sid, trixie
	CVE-2023-31085	An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel ...	bookworm, bullseye, sid, trixie
	CVE-2023-39191	An improper input validation flaw was found in the eBPF subsystem in t ...	bookworm
	CVE-2024-0564	A flaw was found in the Linux kernel's memory deduplication mechanism. ...	bookworm, bullseye, sid, trixie
	CVE-2024-40918	In the Linux kernel, the following vulnerability has been resolved: p ...	bookworm, bullseye
	TEMP-0000000-F7A20F	Kernel: Unprivileged user can freeze journald	bookworm, bullseye, sid, trixie
linuxptp	CVE-2024-42861	An issue in IEEE 802.1AS linuxptp v.4.2 and before allowing a remote a ...	bookworm, bullseye, sid, trixie
llvm-toolchain-13	CVE-2023-29932	llvm-project commit fdbc55a5 was discovered to contain a segmentation ...	bookworm, bullseye
	CVE-2023-29933	llvm-project commit bd456297 was discovered to contain a segmentation ...	bookworm, bullseye
	CVE-2023-29934	llvm-project commit 6c01b5c was discovered to contain a segmentation f ...	bookworm, bullseye
	CVE-2023-29935	llvm-project commit a0138390 was discovered to contain an assertion fa ...	bookworm, bullseye
	CVE-2023-29939	llvm-project commit a0138390 was discovered to contain a segmentation ...	bookworm, bullseye
	CVE-2023-29941	llvm-project commit a0138390 was discovered to contain a segmentation ...	bookworm, bullseye
	CVE-2023-29942	llvm-project commit a0138390 was discovered to contain a segmentation ...	bookworm, bullseye
llvm-toolchain-14	CVE-2023-26924	LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockReg ...	bookworm, sid
	CVE-2023-29932	llvm-project commit fdbc55a5 was discovered to contain a segmentation ...	bookworm
	CVE-2023-29933	llvm-project commit bd456297 was discovered to contain a segmentation ...	bookworm, sid
	CVE-2023-29934	llvm-project commit 6c01b5c was discovered to contain a segmentation f ...	bookworm
	CVE-2023-29935	llvm-project commit a0138390 was discovered to contain an assertion fa ...	bookworm, sid
	CVE-2023-29939	llvm-project commit a0138390 was discovered to contain a segmentation ...	bookworm
	CVE-2023-29941	llvm-project commit a0138390 was discovered to contain a segmentation ...	bookworm, sid
	CVE-2023-29942	llvm-project commit a0138390 was discovered to contain a segmentation ...	bookworm, sid
	CVE-2024-31852	LLVM before 18.1.3 generates code in which the LR register can be over ...	bookworm, sid
llvm-toolchain-15	CVE-2023-26924	LLVM a0dab4950 has a segmentation fault in mlir::outlineSingleBlockReg ...	bookworm
	CVE-2023-29932	llvm-project commit fdbc55a5 was discovered to contain a segmentation ...	bookworm
	CVE-2023-29933	llvm-project commit bd456297 was discovered to contain a segmentation ...	bookworm
	CVE-2023-29934	llvm-project commit 6c01b5c was discovered to contain a segmentation f ...	bookworm
	CVE-2023-29935	llvm-project commit a0138390 was discovered to contain an assertion fa ...	bookworm
	CVE-2023-29939	llvm-project commit a0138390 was discovered to contain a segmentation ...	bookworm
	CVE-2023-29941	llvm-project commit a0138390 was discovered to contain a segmentation ...	bookworm
	CVE-2023-29942	llvm-project commit a0138390 was discovered to contain a segmentation ...	bookworm
	CVE-2024-31852	LLVM before 18.1.3 generates code in which the LR register can be over ...	bookworm, bookworm, bullseye, sid, trixie
log4cxx	CVE-2023-31038	SQL injection in Log4cxx when using the ODBC appender to send log mess ...	bookworm, bullseye
loguru	CVE-2022-0338	Insertion of Sensitive Information into Log File in Conda loguru prior ...	bookworm, sid, trixie
lrzip	CVE-2019-10654	The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in ...	bookworm, bullseye, sid, trixie
	CVE-2021-33451	An issue was discovered in lrzip version 0.641. There are memory leaks ...	bookworm, bullseye, sid, trixie
	CVE-2021-33453	An issue was discovered in lrzip version 0.641. There is a use-after-f ...	bookworm, bullseye, sid, trixie
	CVE-2022-33067	Lrzip v0.651 was discovered to contain multiple invalid arithmetic shi ...	bookworm, bullseye, sid, trixie
lua-cgi	CVE-2014-2875	The session.lua library in CGILua 5.2 alpha 1 and 5.2 alpha 2 uses wea ...	bookworm, bullseye, sid, trixie
luajit	CVE-2019-19391	In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other pro ...	bullseye
	CVE-2020-15890	LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc hand ...	bullseye
	CVE-2020-24372	LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in ...	bookworm, bullseye, sid, trixie
lucene-solr	CVE-2017-3164	Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (in ...	bookworm, bullseye, sid, trixie
	CVE-2019-17558	Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code ...	bookworm, bullseye, sid, trixie
lxc-templates	CVE-2017-18641	In LXC 2.0, many template scripts download code over cleartext HTTP, a ...	bookworm, bullseye, sid, trixie
m2crypto	CVE-2009-0127	M2Crypto does not properly check the return value from the OpenSSL EVP ...	bookworm, bullseye, sid, trixie
m4	CVE-2008-1687	The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1. ...	bookworm, bullseye, sid, trixie
	CVE-2008-1688	Unspecified vulnerability in GNU m4 before 1.4.11 might allow context- ...	bookworm, bullseye, sid, trixie
maildirsync	CVE-2008-5150	sample.sh in maildirsync 1.1 allows local users to append data to arbi ...	bookworm, bullseye, sid, trixie
man2html	CVE-2021-40648	In man2html 1.6g, a filename can be created to overwrite the previous ...	bookworm, bullseye, sid, trixie
mapcache	CVE-2019-20005	An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2019-20006	An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2019-20007	An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2019-20198	An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2019-20199	An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2019-20200	An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2019-20201	An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_ ...	bookworm, bullseye, sid, trixie
	CVE-2019-20202	An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2021-26220	The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to O ...	bookworm, bullseye, sid, trixie
	CVE-2021-26221	The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ...	bookworm, bullseye, sid, trixie
	CVE-2021-26222	The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ...	bookworm, bullseye, sid, trixie
	CVE-2021-30485	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2021-31229	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2021-31347	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2021-31348	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2021-31598	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2022-30045	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
matanza	CVE-2009-3560	The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ...	bookworm, bullseye, sid, trixie
	CVE-2009-3720	The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ...	bookworm, bullseye, sid, trixie
mathtex	CVE-2023-51890	An infinite loop issue discovered in Mathtex 1.05 and before allows a ...	bookworm, bullseye
maxima	CVE-2024-34490	In Maxima through 5.47.0 before 51704c, the plotting facilities make u ...	bookworm, bullseye
mbedtls	CVE-2018-1000520	ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows In ...	bookworm, bullseye, sid, trixie
	CVE-2023-43615	Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.	bookworm, bullseye, sid, trixie
	CVE-2024-45157	An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1 ...	bookworm, bullseye, sid, trixie
mc	CVE-2023-45925	GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain ...	bookworm, bullseye, sid, trixie
mcollective	CVE-2014-0175	mcollective has a default password set at install	bookworm, bullseye
mdadm	CVE-2023-28938	Uncontrolled resource consumption in some Intel(R) SSD Tools software ...	bullseye
mediaelement	CVE-2016-4567	Cross-site scripting (XSS) vulnerability in flash/FlashMediaElement.as ...	bookworm, bullseye, sid, trixie
mesa	CVE-2023-45913	Mesa v23.0.4 was discovered to contain a NULL pointer dereference via ...	bookworm, bullseye, sid, trixie
	CVE-2023-45919	Mesa 23.0.4 was discovered to contain a buffer over-read in glXQuerySe ...	bookworm, bullseye, sid, trixie
	CVE-2023-45922	glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation ...	bookworm, bullseye, sid, trixie
	CVE-2023-45931	Mesa 23.0.4 was discovered to contain a NULL pointer dereference in ch ...	bookworm, bullseye, sid, trixie
metview	CVE-2017-17515	etc/ObjectList in Metview 4.7.3 does not validate strings before launc ...	bookworm, bullseye, sid, trixie
mh-book	CVE-2008-5152	inmail-show in mh-book 200605 allows local users to overwrite arbitrar ...	bookworm, bullseye, sid, trixie
midori	CVE-2012-2132	libsoup 2.32.2 and earlier does not validate certificates or clear the ...	bullseye
	CVE-2014-3566	The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ...	bullseye
milkytracker	CVE-2022-34927	MilkyTracker v1.03.00 was discovered to contain a stack overflow via t ...	bookworm, bullseye
mingw-w64	CVE-2018-5392	mingw-w64 version 5.0.4 by default produces executables that opt in to ...	bookworm, bullseye, sid, trixie
mini-httpd	CVE-2009-4490	mini_httpd 1.19 writes data to a log file without sanitizing non-print ...	bookworm, bullseye, sid, trixie
	CVE-2017-17663	The htpasswd implementation of mini_httpd before v1.28 and of thttpd b ...	bookworm, bullseye, sid, trixie
minidjvu	CVE-2017-12441	The row_is_empty function in base/4bitmap.c:274 in minidjvu 0.8 can ca ...	bookworm, bullseye, sid, trixie
	CVE-2017-12442	The row_is_empty function in base/4bitmap.c:272 in minidjvu 0.8 can ca ...	bookworm, bullseye, sid, trixie
	CVE-2017-12443	The mdjvu_bitmap_pack_row function in base/4bitmap.c in minidjvu 0.8 c ...	bookworm, bullseye, sid, trixie
	CVE-2017-12444	The mdjvu_bitmap_get_bounding_box function in base/4bitmap.c in minidj ...	bookworm, bullseye, sid, trixie
	CVE-2017-12445	The JB2BitmapCoder::code_row_by_refinement function in jb2/bmpcoder.cp ...	bookworm, bullseye, sid, trixie
minidlna	CVE-2023-47430	Stack-buffer-overflow vulnerability in ReadyMedia (MiniDLNA) v1.3.3 al ...	bookworm, bullseye, sid, trixie
	CVE-2024-51442	Command Injection in Minidlna version v1.3.3 and before allows an atta ...	bookworm, bullseye, sid, trixie
minizinc	CVE-2023-46046	An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference vi ...	bookworm, bullseye
modsecurity-crs	CVE-2019-11388	An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...	bookworm, bullseye, sid, trixie
	CVE-2019-11389	An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...	bookworm, bullseye, sid, trixie
	CVE-2019-11390	An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...	bookworm, bullseye, sid, trixie
	CVE-2019-11391	An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...	bookworm, bullseye, sid, trixie
mojarra	CVE-2010-2087	Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application ...	bookworm, bullseye, sid, trixie
monitoring-plugins	CVE-2023-37154	check_by_ssh in Nagios nagios-plugins 2.4.5 allows arbitrary command e ...	bookworm, bullseye, sid, trixie
monopd	CVE-2015-0841	Off-by-one error in the readBuf function in listener.cpp in libcapsine ...	bookworm, bullseye, sid, trixie
mootools	CVE-2021-32821	MooTools is a collection of JavaScript utilities for JavaScript develo ...	bookworm, bullseye, sid, trixie
mp3splt	CVE-2017-5665	The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 allo ...	bookworm, bullseye, sid, trixie
	CVE-2017-5666	The free_options function in options_manager.c in mp3splt 2.6.2 allows ...	bookworm, bullseye, sid, trixie
	CVE-2017-5851	The free_options function in options_manager.c in mp3splt 2.6.2 allows ...	bookworm, bullseye, sid, trixie
mplayer	CVE-2022-38600	Mplayer SVN-r38374-13.0.1 is vulnerable to Memory Leak via vf.c and vf ...	bullseye
	CVE-2022-38853	Certain The MPlayer Project products are vulnerable to Buffer Overflow ...	bullseye
	CVE-2022-38856	Certain The MPlayer Project products are vulnerable to Buffer Overflow ...	bullseye
mtr	CVE-2025-49809	mtr through 0.95, in certain privileged contexts, mishandles execution ...	bookworm, bullseye, sid, trixie
mupdf	CVE-2020-26683	A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Softw ...	bullseye
	CVE-2021-4216	A Floating point exception (division-by-zero) flaw was found in Mupdf ...	bullseye
	CVE-2023-31794	MuPDF v1.21.1 was discovered to contain an infinite recursion in the c ...	bookworm, bullseye
	CVE-2023-51103	A floating point exception (divide-by-zero) vulnerability was discover ...	bookworm, bullseye, sid, trixie
	CVE-2023-51104	A floating point exception (divide-by-zero) vulnerability was discover ...	bookworm, bullseye, sid, trixie
	CVE-2023-51105	A floating point exception (divide-by-zero) vulnerability was discover ...	bookworm, bullseye, sid, trixie
	CVE-2023-51106	A floating point exception (divide-by-zero) vulnerability was discover ...	bookworm, bullseye, sid, trixie
	CVE-2023-51107	A floating point exception (divide-by-zero) vulnerability was discover ...	bookworm, bullseye, sid, trixie
	CVE-2024-46657	Artifex Software mupdf v1.24.9 was discovered to contain a segmentatio ...	bookworm, bullseye
musescore2	CVE-2023-44428	MuseScore CAP File Parsing Heap-based Buffer Overflow Remote Code Exec ...	bookworm, bullseye
	CVE-2024-44866	A buffer overflow in the GuitarPro1::read function of MuseScore Studio ...	bookworm, bullseye
musescore3	CVE-2023-26923	Musescore 3.0 to 4.0.1 has a stack buffer overflow vulnerability that ...	bookworm, bullseye
	CVE-2023-44428	MuseScore CAP File Parsing Heap-based Buffer Overflow Remote Code Exec ...	bookworm, bullseye
	CVE-2024-44866	A buffer overflow in the GuitarPro1::read function of MuseScore Studio ...	bookworm, bullseye
mustache.js	CVE-2015-8861	The handlebars package before 4.0.0 for Node.js allows remote attacker ...	bookworm, bullseye, sid, trixie
	CVE-2015-8862	mustache package before 2.2.1 for Node.js allows remote attackers to c ...	bookworm, bullseye, sid, trixie
	TEMP-0000000-137F0A	quoteless attributes in templates can lead to content injection	bookworm, bullseye, sid, trixie
mutt	CVE-2007-1268	Mutt 1.5.13 and earlier does not properly use the --status-fd argument ...	bookworm, bullseye, sid, trixie
	CVE-2024-49393	In neomutt and mutt, the To and Cc email headers are not validated by ...	bookworm, bullseye, sid, trixie
	CVE-2024-49394	In mutt and neomutt the In-Reply-To email header field is not protecte ...	bookworm, bullseye, sid, trixie
	CVE-2024-49395	In mutt and neomutt, PGP encryption does not use the --hidden-recipien ...	bookworm, bullseye, sid, trixie
mxml	CVE-2018-20005	An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after ...	bookworm, bullseye, sid, trixie
mycli	CVE-2023-44690	Inadequate encryption strength in mycli 1.27.0 allows attackers to vie ...	bookworm, bullseye, sid, trixie
nacl	CVE-2015-0565	NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks ...	bookworm, bullseye, sid, trixie
nagios4	CVE-2020-35269	Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross ...	bookworm, bullseye, sid, trixie
nasm	CVE-2018-19213	Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may le ...	bookworm, bullseye, sid, trixie
	CVE-2018-20538	There is a use-after-free at asm/preproc.c (function pp_getline) in Ne ...	bookworm, bullseye, sid, trixie
	CVE-2018-1000886	nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability ...	bookworm, bullseye, sid, trixie
	CVE-2019-6290	An infinite recursion issue was discovered in eval.c in Netwide Assemb ...	bookworm, bullseye, sid, trixie
	CVE-2019-6291	An issue was discovered in the function expr6 in eval.c in Netwide Ass ...	bookworm, bullseye, sid, trixie
	CVE-2019-8343	In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in past ...	bookworm, bullseye, sid, trixie
	CVE-2019-20334	In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# ...	bookworm, bullseye, sid, trixie
	CVE-2020-18974	Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers ...	bookworm, bullseye, sid, trixie
	CVE-2020-21528	A Segmentation Fault issue discovered in in ieee_segment function in o ...	bullseye
	CVE-2021-33450	An issue was discovered in NASM version 2.16rc0. There are memory leak ...	bookworm, bullseye, sid, trixie
	CVE-2021-33452	An issue was discovered in NASM version 2.16rc0. There are memory leak ...	bookworm, bullseye, sid, trixie
	CVE-2021-45256	A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via a ...	bookworm, bullseye, sid, trixie
	CVE-2021-45257	An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_t ...	bookworm, bullseye, sid, trixie
	CVE-2022-29654	Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm ...	bullseye
	CVE-2022-41420	nasm v2.16 was discovered to contain a stack overflow in the Ndisasm c ...	bookworm, bullseye, sid, trixie
	CVE-2022-44368	NASM v2.16 was discovered to contain a null pointer deference in the N ...	bookworm, bullseye, sid, trixie
	CVE-2022-44369	NASM 2.16 (development) is vulnerable to 476: Null Pointer Dereference ...	bookworm, bullseye, sid, trixie
	CVE-2022-44370	NASM v2.16 was discovered to contain a heap buffer overflow in the com ...	bullseye
	CVE-2022-46456	NASM v2.16 was discovered to contain a global buffer overflow in the c ...	bookworm, bullseye, sid, trixie
	CVE-2022-46457	NASM v2.16 was discovered to contain a segmentation violation in the c ...	bookworm, bullseye, sid, trixie
	CVE-2023-31722	There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: ...	bookworm, bullseye, sid, trixie
	CVE-2023-38665	Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows att ...	bookworm, bullseye, sid, trixie
	CVE-2023-38667	Stack-based buffer over-read in function disasm in nasm 2.16 allows at ...	bookworm, bullseye, sid, trixie
	CVE-2023-38668	Stack-based buffer over-read in disasm in nasm 2.16 allows attackers t ...	bookworm, bullseye, sid, trixie
nautilus	CVE-2022-37290	GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename ...	bullseye
neomutt	CVE-2024-49393	In neomutt and mutt, the To and Cc email headers are not validated by ...	bookworm, bullseye
	CVE-2024-49394	In mutt and neomutt the In-Reply-To email header field is not protecte ...	bookworm, bullseye
	CVE-2024-49395	In mutt and neomutt, PGP encryption does not use the --hidden-recipien ...	bookworm, bullseye, sid, trixie
net-tools	CVE-2002-1976	ifconfig, when used on the Linux kernel 2.2 and later, does not report ...	bookworm, bullseye, sid, trixie
netdata	CVE-2019-9834	The Netdata web application through 1.13.0 allows remote attackers to ...	bookworm, bullseye
netty	CVE-2022-24823	Netty is an open-source, asynchronous event-driven network application ...	bookworm, bullseye, sid, trixie
network-manager-applet	CVE-2017-6590	An issue was discovered in network-manager-applet (aka network-manager ...	bookworm, bullseye, sid, trixie
networkd-dispatcher	CVE-2022-29799	A vulnerability was found in networkd-dispatcher. This flaw exists bec ...	bullseye
	CVE-2022-29800	A time-of-check-time-of-use (TOCTOU) race condition vulnerability was ...	bullseye
newlib	CVE-2024-30949	An issue in newlib v.4.3.0 allows an attacker to execute arbitrary cod ...	bookworm, bullseye
nginx	CVE-2009-4487	nginx 0.7.64 writes data to a log file without sanitizing non-printabl ...	bookworm, bullseye, sid, trixie
	CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consum ...	bookworm, bullseye
nip2	CVE-2017-17514	boxes.c in nip2 8.4.0 does not validate strings before launching the p ...	bookworm, bullseye, sid, trixie
nmap	CVE-2018-15173	Nmap through 7.70, when the -sV option is used, allows remote attacker ...	bookworm, bullseye, sid, trixie
nodau	CVE-2022-4399	A vulnerability was found in TicklishHoneyBee nodau. It has been rated ...	bullseye
node-dompurify	CVE-2025-48050	In DOMPurify through 3.2.5 before 6bc6d60, scripts/server.js does not ...	bookworm, sid, trixie
node-ejs	CVE-2023-29827	ejs v3.1.9 is vulnerable to server-side template injection. If the ejs ...	bookworm, bullseye, sid, trixie
node-formidable	CVE-2022-29622	An arbitrary file upload vulnerability in formidable v3.1.4 allows att ...	bullseye
nova	CVE-2013-0326	OpenStack nova base images permissions are world readable	bookworm, bullseye, sid, trixie
nss	CVE-2017-11695	Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/h ...	bookworm, bullseye, sid, trixie
	CVE-2017-11696	Heap-based buffer overflow in the __hash_open function in lib/dbm/src/ ...	bookworm, bullseye, sid, trixie
	CVE-2017-11697	The __hash_open function in hash.c:229 in Mozilla Network Security Ser ...	bookworm, bullseye, sid, trixie
	CVE-2017-11698	Heap-based buffer overflow in the __get_page function in lib/dbm/src/h ...	bookworm, bullseye, sid, trixie
ntopng	CVE-2024-53426	A heap-buffer-overflow vulnerability has been identified in ntopng 6.2 ...	sid
ntp	CVE-2018-12327	Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 ...	bullseye
	CVE-2023-26551	mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ...	bullseye
	CVE-2023-26552	mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ...	bullseye
	CVE-2023-26553	mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ...	bullseye
	CVE-2023-26554	mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write ...	bullseye
numpy	CVE-2021-34141	An incomplete string comparison in the numpy.core component in NumPy b ...	bookworm, bullseye, sid, trixie
	CVE-2021-41495	Null Pointer Dereference vulnerability exists in numpy.sort in NumPy & ...	bookworm, bullseye, sid, trixie
	CVE-2021-41496	Buffer overflow in the array_from_pyobj function of fortranobject.c in ...	bookworm, bullseye, sid, trixie
nvidia-cg-toolkit	CVE-2008-5144	nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local ...	bookworm, bullseye, sid, trixie
nvidia-cuda-toolkit	CVE-2023-0193	NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a ...	bookworm, bullseye
	CVE-2023-0196	NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local use ...	bookworm, bullseye
	CVE-2023-25510	NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer ...	bookworm, bullseye
	CVE-2023-25511	NVIDIA CUDA Toolkit for Linux and Windows contains a vulnerability in ...	bookworm, bullseye
	CVE-2023-25512	NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ...	bookworm, bullseye
	CVE-2023-25513	NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ...	bookworm, bullseye
	CVE-2023-25514	NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ...	bookworm, bullseye
	CVE-2023-25523	NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ...	bookworm, bullseye
	CVE-2024-0125	NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in ...	bookworm, bullseye, sid, trixie
	CVE-2024-53870	NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ...	bookworm, bullseye, sid, trixie
	CVE-2024-53871	NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ...	bookworm, bullseye, sid, trixie
	CVE-2024-53872	NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ...	bookworm, bullseye, sid, trixie
	CVE-2024-53874	NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ...	bookworm, bullseye, sid, trixie
	CVE-2024-53875	NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ...	bookworm, bullseye, sid, trixie
	CVE-2024-53876	NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ...	bookworm, bullseye, sid, trixie
	CVE-2024-53877	NVIDIA CUDA toolkit for all platforms contains a vulnerability in the ...	bookworm, bullseye, sid, trixie
	CVE-2024-53878	NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ...	bookworm, bullseye, sid, trixie
	CVE-2024-53879	NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in ...	bookworm, bullseye, sid, trixie
ocaml-batteries	CVE-2017-17519	batteriesConfig.mlp in OCaml Batteries Included (aka ocaml-batteries) ...	bookworm, bullseye, sid, trixie
ocsinventory-server	CVE-2014-4722	Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports ...	bookworm, bullseye, sid
	CVE-2018-15537	Unrestricted file upload (with remote code execution) in OCS Inventory ...	bullseye
	CVE-2023-3726	OCSInventory allow stored email template with special characters that ...	bookworm, bullseye, sid
oggvideotools	CVE-2020-21723	A Segmentation Fault issue discovered StreamSerializer::extractStreams ...	bookworm, bullseye, sid, trixie
ompl	CVE-2021-41490	Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavi ...	bookworm, bullseye, sid, trixie
	CVE-2021-42218	OMPL v1.5.2 contains a memory leak in VFRRT.cpp	bookworm, bullseye, sid, trixie
onionshare	CVE-2022-21694	OnionShare is an open source tool that lets you securely and anonymous ...	bullseye
openconnect	CVE-2020-12105	OpenConnect through 8.08 mishandles negative return values from X509_c ...	bookworm, bullseye, sid, trixie
opendkim	CVE-2020-35766	The test suite in libopendkim in OpenDKIM through 2.10.3 allows local ...	bookworm, bullseye, sid, trixie
openexr	CVE-2017-14988	Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remot ...	bookworm, bullseye, sid, trixie
	CVE-2021-26945	An integer overflow leading to a heap-buffer overflow was found in Ope ...	bullseye
openjpeg2	CVE-2016-9113	There is a NULL pointer dereference in function imagetobmp of convertb ...	bookworm, bullseye, sid, trixie
	CVE-2016-9114	There is a NULL Pointer Access in function imagetopnm of convert.c:194 ...	bookworm, bullseye, sid, trixie
	CVE-2016-9115	Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in ...	bookworm, bullseye, sid, trixie
	CVE-2016-9116	NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in O ...	bookworm, bullseye, sid, trixie
	CVE-2016-9117	NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in O ...	bookworm, bullseye, sid, trixie
	CVE-2016-9580	An integer overflow vulnerability was found in tiftoimage function in ...	bookworm, bullseye, sid, trixie
	CVE-2016-9581	An infinite loop vulnerability in tiftoimage that results in heap buff ...	bookworm, bullseye, sid, trixie
	CVE-2016-10505	NULL pointer dereference vulnerabilities in the imagetopnm function in ...	bookworm, bullseye, sid, trixie
	CVE-2017-17479	In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ...	bookworm, bullseye, sid, trixie
	CVE-2018-16375	An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_i ...	bookworm, bullseye, sid, trixie
	CVE-2018-16376	An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflo ...	bookworm, bullseye, sid, trixie
	CVE-2018-20846	Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi ...	bookworm, bullseye, sid, trixie
openldap	CVE-2015-3276	The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDA ...	bookworm, bullseye, sid, trixie
	CVE-2017-14159	slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping ...	bookworm, bullseye, sid, trixie
	CVE-2017-17740	contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when bot ...	bookworm, bullseye, sid, trixie
	CVE-2020-15719	libldap in certain third-party OpenLDAP packages has a certificate-val ...	bookworm, bullseye, sid, trixie
openscad	CVE-2022-0496	A vulnerbiility was found in Openscad, where a DXF-format drawing with ...	bullseye
	CVE-2022-0497	A vulnerbiility was found in Openscad, where a .scad file with no trai ...	bullseye
openssh	CVE-2007-2243	OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabl ...	bookworm, bullseye, sid, trixie
	CVE-2007-2768	OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, a ...	bookworm, bullseye, sid, trixie
	CVE-2008-3234	sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapsh ...	bookworm, bullseye, sid, trixie
	CVE-2016-20012	OpenSSH through 8.7 allows remote attackers, who have a suspicion that ...	bookworm, bullseye, sid, trixie
	CVE-2018-15919	Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 co ...	bookworm, bullseye, sid, trixie
	CVE-2019-6110	In OpenSSH 7.9, due to accepting and displaying arbitrary stderr outpu ...	bookworm, bullseye, sid, trixie
	CVE-2020-14145	The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepan ...	bookworm, bullseye, sid, trixie
	CVE-2020-15778	scp in OpenSSH through 8.3p1 allows command injection in the scp.c tor ...	bookworm, bullseye, sid, trixie
	CVE-2021-36368	An issue was discovered in OpenSSH before 8.9. If a client is using pu ...	bullseye
	CVE-2023-51767	OpenSSH through 9.6, when common types of DRAM are used, might allow r ...	bookworm, bullseye, sid, trixie
openssl	CVE-2025-27587	OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable ...	bookworm, bullseye
openstack-trove	CVE-2015-3156	The _write_config function in trove/guestagent/datastore/experimental/ ...	bookworm, sid, trixie
openvpn	CVE-2006-2229	OpenVPN 2.0.7 and earlier, when configured to use the --management opt ...	bookworm, bullseye, sid, trixie
	CVE-2016-6329	OpenVPN, when using a 64-bit block cipher, makes it easier for remote ...	bookworm, bullseye, sid, trixie
	CVE-2018-7544	A cross-protocol scripting issue was discovered in the management inte ...	bookworm, bullseye, sid, trixie
optee-os	CVE-2021-36133	The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access ...	sid, trixie
optipng	CVE-2023-43907	OptiPNG v0.7.7 was discovered to contain a global buffer overflow via ...	bookworm, bullseye
os-prober	CVE-2008-5135	os-prober in os-prober 1.17 allows local users to overwrite arbitrary ...	bookworm, bullseye, sid, trixie
otrs2	CVE-2018-7567	In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0. ...	bullseye
p7zip	CVE-2022-47069	p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerabi ...	bookworm, bullseye, sid, trixie
	CVE-2022-47111	7-Zip 22.01 does not report an error for certain invalid xz files, inv ...	bookworm, bullseye
	CVE-2022-47112	7-Zip 22.01 does not report an error for certain invalid xz files, inv ...	bookworm, bullseye
	CVE-2023-52169	The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) conta ...	bookworm, bullseye
	CVE-2024-11612	7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vu ...	bookworm, bullseye
	CVE-2025-53817	7-Zip is a file archiver with a high compression ratio. 7-Zip supports ...	bookworm, bullseye
packagekit	CVE-2022-0987	A flaw was found in PackageKit in the way some of the methods exposed ...	bookworm, bullseye, sid, trixie
pam-pkcs11	CVE-2025-24031	PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificat ...	bookworm, bullseye, sid, trixie
pandas	CVE-2020-13091	pandas through 1.0.3 can unserialize and execute commands from an untr ...	bookworm, bullseye, sid, trixie
pandoc	CVE-2025-51591	A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attac ...	bookworm, bullseye, sid, trixie
passenger	CVE-2016-10345	In Phusion Passenger before 5.1.0, a known /tmp filename was used duri ...	bullseye
password-store	CVE-2020-28086	pass through 1.7.3 has a possibility of using a password for an uninte ...	bookworm, bullseye, sid, trixie
patch	CVE-2010-4651	Directory traversal vulnerability in util.c in GNU patch 2.6.1 and ear ...	bookworm, bullseye, sid, trixie
	CVE-2018-6951	An issue was discovered in GNU patch through 2.7.6. There is a segment ...	bookworm, bullseye, sid, trixie
	CVE-2018-6952	A double free exists in the another_hunk function in pch.c in GNU patc ...	bookworm, bullseye, sid, trixie
	CVE-2021-45261	An Invalid Pointer vulnerability exists in GNU patch 2.7 via the anoth ...	bookworm, bullseye, sid, trixie
patchelf	CVE-2022-44940	Patchelf v0.9 was discovered to contain an out-of-bounds read via the ...	bookworm, bullseye, sid, trixie
pcf2bdf	CVE-2022-23318	A heap-buffer-overflow in pcf2bdf, versions >= 1.05 allows an attacker ...	bullseye
	CVE-2022-23319	A segmentation fault during PCF file parsing in pcf2bdf versions >=1.0 ...	bullseye
pcre2	CVE-2022-41409	Integer overflow vulnerability in pcre2test before 10.41 allows attack ...	bullseye
pcre3	CVE-2017-7245	Stack-based buffer overflow in the pcre32_copy_substring function in p ...	bookworm, bullseye
	CVE-2017-7246	Stack-based buffer overflow in the pcre32_copy_substring function in p ...	bookworm, bullseye
	CVE-2017-11164	In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exe ...	bookworm, bullseye
	CVE-2017-16231	In PCRE 8.41, after compiling, a pcretest load test PoC produces a cra ...	bookworm, bullseye
	CVE-2019-20838	libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT w ...	bookworm, bullseye
pdfresurrect	CVE-2021-3508	A flaw was found in PDFResurrect in version 0.22b. There is an infinit ...	bullseye
percona-toolkit	CVE-2024-7701	Use of Password Hash With Insufficient Computational Effort vulnerabil ...	bookworm, bullseye, sid, trixie
perl	CVE-2011-4116	_is_safe in the File::Temp module for Perl does not properly handle sy ...	bookworm, bullseye, sid, trixie
	CVE-2023-31486	HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ...	bookworm, bullseye
phabricator	CVE-2017-17536	Phabricator before 2017-11-10 does not block the --config and --debugg ...	bookworm, bullseye, sid
php-getid3	CVE-2021-40926	Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in g ...	bullseye
php-gettext	TEMP-0000000-07A77D	php-gettext XSS	bookworm, bullseye, sid
php-horde	CVE-2019-12094	Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin ...	bookworm, bullseye, sid
php-horde-trean	CVE-2019-12095	Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 ...	bookworm, bullseye, sid
php-pear	CVE-2017-5630	PECL in the download utility class in the Installer in PEAR Base Syste ...	bookworm, bullseye, sid, trixie
phpldapadmin	CVE-2018-12689	phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id param ...	bookworm, sid, trixie
	CVE-2024-9102	phpLDAPadmin since at least version 1.2.0 through the latest version 1 ...	bookworm, sid, trixie
phpmyadmin	CVE-2005-3622	phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain t ...	bookworm, bullseye, sid, trixie
	CVE-2007-4306	Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10 ...	bookworm, bullseye, sid, trixie
	CVE-2020-11441	phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astrin ...	bookworm, bullseye, sid, trixie
	CVE-2022-0813	PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially ...	bullseye
	CVE-2022-23807	An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before ...	bullseye
	CVE-2022-23808	An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker ca ...	bullseye
picolibc	CVE-2019-14876	In the __lshift function of the newlib libc library, all versions prio ...	bookworm, bullseye, sid, trixie
pidgin	CVE-2008-2956	Memory leak in Pidgin 2.0.0, and possibly other versions, allows remot ...	bookworm, bullseye, sid, trixie
	CVE-2012-1257	Pidgin 2.10.0 uses DBUS for certain cleartext communication, which all ...	bookworm, bullseye, sid, trixie
pipewire	CVE-2022-4964	Ubuntu's pipewire-pulse in snap grants microphone access even when the ...	bookworm, bullseye
pixman	CVE-2023-37769	stress-test master commit e4c878 was discovered to contain a FPE vulne ...	bookworm, bullseye, sid, trixie
policykit-1	CVE-2025-7519	A flaw was found in polkit. When processing an XML policy with 32 or m ...	bookworm, bullseye, sid, trixie
poppler	CVE-2013-4472	The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 a ...	bookworm, bullseye, sid, trixie
	CVE-2017-2814	An exploitable heap overflow vulnerability exists in the image renderi ...	bookworm, bullseye, sid, trixie
	CVE-2017-2818	An exploitable heap overflow vulnerability exists in the image renderi ...	bookworm, bullseye, sid, trixie
	CVE-2017-2820	An exploitable integer overflow vulnerability exists in the JPEG 2000 ...	bookworm, bullseye, sid, trixie
	CVE-2017-9083	poppler 0.54.0, as used in Evince and other products, has a NULL point ...	bookworm, bullseye, sid, trixie
	CVE-2022-24106	In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing ...	bookworm, bullseye, sid, trixie
	CVE-2024-6239	A flaw was found in the Poppler's Pdfinfo utility. This issue occurs w ...	bookworm, bullseye
ppp	CVE-2008-5366	The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local u ...	bookworm, bullseye, sid, trixie
	CVE-2008-5367	ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to o ...	bookworm, bullseye, sid, trixie
	CVE-2022-4603	A vulnerability classified as problematic has been found in ppp. Affec ...	bookworm, bullseye
proftpd-dfsg	CVE-2024-57392	Buffer Overflow vulnerability in Proftpd commit 4017eff8 allows a remo ...	bookworm
prometheus-alertmanager	CVE-2023-40577	Alertmanager handles alerts sent by client applications such as the Pr ...	bookworm, bullseye
prometheus-blackbox-exporter	CVE-2020-16248	Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF ...	bookworm, bullseye, sid, trixie
	CVE-2023-26735	blackbox_exporter v0.23.0 was discovered to contain an access control ...	bookworm, bullseye, sid, trixie
protobuf	CVE-2015-5237	protobuf allows remote authenticated attackers to cause a heap-based b ...	bookworm, bullseye, sid, trixie
pspp	CVE-2025-5001	A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108 ...	bookworm, bullseye, sid, trixie
	CVE-2025-47229	libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a d ...	bookworm, bullseye, sid, trixie
	CVE-2025-47816	libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an ...	bookworm, bullseye, sid, trixie
	CVE-2025-48188	libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fi ...	bookworm, bullseye, sid, trixie
puppet	CVE-2020-7942	Previously, Puppet operated on a model that a node with a valid certif ...	bullseye
pure-ftpd	CVE-2024-48208	pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an ...	bookworm, bullseye, sid, trixie
pwgen	CVE-2013-4441	The Phonemes mode in Pwgen 2.06 generates predictable passwords, which ...	bookworm, bullseye, sid, trixie
py-lmdb	CVE-2019-16224	An issue was discovered in py-lmdb 0.97. For certain values of md_flag ...	bookworm, bullseye, sid, trixie
	CVE-2019-16225	An issue was discovered in py-lmdb 0.97. For certain values of mp_flag ...	bookworm, bullseye, sid, trixie
	CVE-2019-16226	An issue was discovered in py-lmdb 0.97. mdb_node_del does not validat ...	bookworm, bullseye, sid, trixie
	CVE-2019-16227	An issue was discovered in py-lmdb 0.97. For certain values of mn_flag ...	bookworm, bullseye, sid, trixie
	CVE-2019-16228	An issue was discovered in py-lmdb 0.97. There is a divide-by-zero err ...	bookworm, bullseye, sid, trixie
pyrad	CVE-2013-0342	The CreateID function in packet.py in pyrad before 2.1 uses sequential ...	bookworm, bullseye, sid, trixie
python-certifi	CVE-2022-23491	Certifi is a curated collection of Root Certificates for validating th ...	bookworm, bullseye
	CVE-2023-37920	Certifi is a curated collection of Root Certificates for validating th ...	bookworm, bullseye
	CVE-2024-39689	Certifi is a curated collection of Root Certificates for validating th ...	bookworm, bullseye
python-defaults	CVE-2008-4108	Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) i ...	bullseye
python-django-celery-results	CVE-2020-17495	django-celery-results through 1.2.1 stores task results in the databas ...	bookworm, bullseye, sid, trixie
python-djangorestframework-simplejwt	CVE-2024-22513	djangorestframework-simplejwt version 5.3.1 and before is vulnerable t ...	bookworm, sid, trixie
python-ecdsa	CVE-2024-23342	The `ecdsa` PyPI package is a pure Python implementation of ECC (Ellip ...	bookworm, bullseye, sid, trixie
python-mkdocs	CVE-2021-40978	The mkdocs 1.2.2 built-in dev-server allows directory traversal using ...	bookworm, bullseye, sid, trixie
python-oslo.privsep	CVE-2022-38065	A privilege escalation vulnerability exists in the oslo.privsep functi ...	bookworm, bullseye, sid, trixie
python-pip	CVE-2018-20225	An issue was discovered in pip (all versions) because it installs the ...	bookworm, bullseye, sid, trixie
python-py	CVE-2022-42969	The py library through 1.11.0 for Python allows remote attackers to co ...	bookworm, bullseye, sid, trixie
python-pysaml2	CVE-2016-10127	PySAML2 allows remote attackers to conduct XML external entity (XXE) a ...	bookworm, bullseye, sid, trixie
python-rsa	CVE-2020-25658	It was found that python-rsa is vulnerable to Bleichenbacher timing at ...	bookworm, bullseye, sid, trixie
python-scrapy	CVE-2017-14158	Scrapy 1.4 allows remote attackers to cause a denial of service (memor ...	bookworm, bullseye, sid, trixie
python2.7	CVE-2013-7040	Python 2.7 before 3.4 only uses the last eight bits of the prefix to r ...	bullseye
	CVE-2017-17522	Lib/webbrowser.py in Python through 3.6.3 does not validate strings be ...	bullseye
	CVE-2019-9674	Lib/zipfile.py in Python through 3.7.2 allows remote attackers to caus ...	bullseye
	CVE-2020-27619	In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK ...	bullseye
	CVE-2021-28861	Python 3.x through 3.10 has an open redirection vulnerability in lib/h ...	bullseye
python3.9	CVE-2022-37454	The Keccak XKCP SHA-3 reference implementation before fdc6fef has an i ...	bullseye
pytorch	CVE-2024-48063	In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: th ...	bookworm, bullseye, sid, trixie
qbittorrent	CVE-2023-30801	All versions of the qBittorrent client through 4.5.5 use default crede ...	bookworm, bullseye, sid, trixie
qemu	CVE-2019-12247	QEMU 3.0.0 has an Integer Overflow because the qga/commands*.c files d ...	bookworm, bullseye, sid, trixie
	CVE-2019-12928	The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerabl ...	bookworm, bullseye, sid, trixie
	CVE-2019-12929	The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS co ...	bookworm, bullseye, sid, trixie
	CVE-2020-24352	An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory ...	bookworm, bullseye, sid, trixie
	CVE-2022-35414	softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized r ...	bullseye
	CVE-2022-36648	The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device ...	bookworm, bullseye, sid, trixie
qt6-base	CVE-2023-45935	Qt 6 through 6.6 was discovered to contain a NULL pointer dereference ...	bookworm, sid, trixie, bookworm, bullseye, sid, trixie, bookworm, bullseye, sid, trixie
qtbase-opensource-src-gles	CVE-2024-39936	An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2. ...	bookworm, bullseye, sid, trixie
qtdeclarative-opensource-src	CVE-2022-40983	An integer overflow vulnerability exists in the QML QtScript Reflect A ...	bookworm, bullseye, sid, trixie
	CVE-2022-43591	A buffer overflow vulnerability exists in the QML QtScript Reflect API ...	bookworm, bullseye, sid, trixie
qtdeclarative-opensource-src-gles	CVE-2022-40983	An integer overflow vulnerability exists in the QML QtScript Reflect A ...	bookworm, bullseye, sid, trixie
	CVE-2022-43591	A buffer overflow vulnerability exists in the QML QtScript Reflect API ...	bookworm, bullseye, sid, trixie
r-base	CVE-2024-27322	Deserialization of untrusted data can occur in the R statistical progr ...	bookworm, bullseye
r-cran-readxl	CVE-2021-27836	An issue was discoverered in in function xls_getWorkSheet in xls.c in ...	bookworm, bullseye, sid, trixie
	CVE-2023-38851	Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ...	bookworm, bullseye, sid, trixie
	CVE-2023-38852	Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ...	bookworm, bullseye, sid, trixie
	CVE-2023-38853	Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ...	bookworm, bullseye, sid, trixie
	CVE-2023-38854	Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ...	bookworm, bullseye, sid, trixie
	CVE-2023-38855	Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ...	bookworm, bullseye, sid, trixie
	CVE-2023-38856	Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacke ...	bookworm, bullseye, sid, trixie
rails	CVE-2010-3299	The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to p ...	bookworm, bullseye, sid, trixie
	CVE-2011-3187	The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip ...	bookworm, bullseye, sid, trixie
	CVE-2017-17916	SQL injection vulnerability in the 'find_by' method in Ruby on Rails 5 ...	bookworm, bullseye, sid, trixie
	CVE-2017-17917	SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1 ...	bookworm, bullseye, sid, trixie
	CVE-2017-17919	SQL injection vulnerability in the 'order' method in Ruby on Rails 5.1 ...	bookworm, bullseye, sid, trixie
	CVE-2017-17920	SQL injection vulnerability in the 'reorder' method in Ruby on Rails 5 ...	bookworm, bullseye, sid, trixie
	CVE-2022-3704	A vulnerability classified as problematic has been found in Ruby on Ra ...	bookworm, bullseye, sid, trixie
rbdoom3bfg	CVE-2020-15007	A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tec ...	bookworm, bullseye, sid, trixie
re2c	CVE-2018-21232	re2c before 2.0 has uncontrolled recursion that causes stack consumpti ...	bookworm, bullseye, sid, trixie
	CVE-2022-23901	A stack overflow re2c 2.2 exists due to infinite recursion issues in s ...	bullseye
recutils	CVE-2019-6455	An issue was discovered in GNU Recutils 1.8. There is a double-free pr ...	bookworm, bullseye, sid
	CVE-2019-6456	An issue was discovered in GNU Recutils 1.8. There is a NULL pointer d ...	bookworm, bullseye, sid
	CVE-2019-6457	An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...	bookworm, bullseye, sid
	CVE-2019-6458	An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...	bookworm, bullseye, sid
	CVE-2019-6459	An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...	bookworm, bullseye, sid
	CVE-2019-6460	An issue was discovered in GNU Recutils 1.8. There is a NULL pointer d ...	bookworm, bullseye, sid
	CVE-2019-11637	An issue was discovered in GNU recutils 1.8. There is a NULL pointer d ...	bookworm, bullseye, sid
	CVE-2019-11638	An issue was discovered in GNU recutils 1.8. There is a NULL pointer d ...	bookworm, bullseye, sid
	CVE-2019-11639	An issue was discovered in GNU recutils 1.8. There is a stack-based bu ...	bookworm, bullseye, sid
	CVE-2019-11640	An issue was discovered in GNU recutils 1.8. There is a heap-based buf ...	bookworm, bullseye, sid
	CVE-2021-46019	An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GN ...	bookworm, bullseye, sid
	CVE-2021-46021	An Use-After-Free vulnerability in rec_record_destroy() at rec-record. ...	bookworm, bullseye, sid
	CVE-2021-46022	An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset ...	bookworm, bullseye, sid
redis	CVE-2020-21468	A segmentation fault in the redis-server component of Redis 5.0.7 lead ...	bookworm, bullseye, sid, trixie
	CVE-2022-3647	DISPUTED A vulnerability, which was classified as problematic, w ...	bookworm, bullseye, sid, trixie
retroarch	CVE-2020-23914	An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer ...	bookworm, bullseye, sid, trixie
	CVE-2020-23915	An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ...	bookworm, bullseye, sid, trixie
rhythmbox	CVE-2008-7185	GNOME Rhythmbox 0.11.5 allows remote attackers to cause a denial of se ...	bookworm, bullseye, sid, trixie
ring	CVE-2022-24786	PJSIP is a free and open source multimedia communication library writt ...	bullseye
	CVE-2022-24792	PJSIP is a free and open source multimedia communication library writt ...	bullseye
	CVE-2023-38703	PJSIP is a free and open source multimedia communication library writt ...	bookworm, bullseye
roundcube	CVE-2024-57004	Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail 1.6.9 al ...	bookworm, bullseye, sid, trixie
rpm	CVE-2010-2198	lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadat ...	bookworm, bullseye, sid, trixie
	CVE-2010-2199	lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadat ...	bookworm, bullseye, sid, trixie
	CVE-2017-7500	It was found that rpm did not properly handle RPM installations when a ...	bookworm, bullseye, sid, trixie
	CVE-2017-7501	It was found that versions of rpm before 4.13.0.2 use temporary files ...	bookworm, bullseye, sid, trixie
rsyslog	CVE-2015-3243	rsyslog uses weak permissions for generating log files, which allows l ...	bookworm, bullseye, sid, trixie
rtv	CVE-2017-17516	scripts/inspect_webbrowser.py in Reddit Terminal Viewer (RTV) 1.19.0 d ...	bookworm, bullseye
ruamel.yaml	CVE-2019-20478	In ruamel.yaml through 0.16.7, the load method allows remote code exec ...	bookworm, bullseye, sid, trixie
ruby-handlebars-assets	TEMP-0000000-345A3B	handlebars: quoteless attributes in templates can lead to content injection	bookworm, bullseye
ruby-nokogiri	CVE-2022-29181	Nokogiri is an open source XML and HTML library for Ruby. Nokogiri pri ...	bullseye
ruby-oauth	CVE-2016-11086	lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby doe ...	bookworm, bullseye, sid, trixie
rust-failure	CVE-2020-25575	An issue was discovered in the failure crate through 0.1.5 for Rust. I ...	bookworm, bullseye
rustc	CVE-2021-42574	An issue was discovered in the Bidirectional Algorithm in the Unicode ...	bullseye
samba	CVE-2020-27840	A flaw was found in samba. Spaces used in a string around a domain nam ...	bullseye
	CVE-2021-20277	A flaw was found in Samba's libldb. Multiple, consecutive leading spac ...	bullseye
sane-backends	CVE-2023-46047	An issue in Sane 1.2.1 allows a local attacker to execute arbitrary co ...	bookworm, bullseye, sid, trixie
	CVE-2023-46052	Sane 1.2.1 heap bounds overwrite in init_options() from backend/test.c ...	bookworm, bullseye, sid, trixie
schism	CVE-2021-32419	An issue in Schism Tracker v20200412 fixed in v.20200412 allows attack ...	bullseye
scikit-learn	CVE-2020-13092	scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute ...	bookworm, bullseye, sid, trixie
	CVE-2024-5206	A sensitive data leakage vulnerability was identified in scikit-learn' ...	bookworm, bullseye, sid, trixie
scilab	CVE-2019-20005	An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2019-20006	An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2019-20007	An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2019-20198	An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2019-20199	An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2019-20200	An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2019-20201	An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_ ...	bookworm, bullseye, sid, trixie
	CVE-2019-20202	An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2021-26220	The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to O ...	bookworm, bullseye, sid, trixie
	CVE-2021-26221	The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ...	bookworm, bullseye, sid, trixie
	CVE-2021-26222	The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ...	bookworm, bullseye, sid, trixie
	CVE-2021-30485	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2021-31229	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2021-31347	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2021-31348	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2021-31598	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
	CVE-2022-30045	An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...	bookworm, bullseye, sid, trixie
screen	CVE-2023-24626	socket.c in GNU Screen through 4.9.0, when installed setuid or setgid ...	bookworm, bullseye
	CVE-2025-46802	For a short time they PTY is set to mode 666, allowing any user on the ...	bookworm, bullseye
	CVE-2025-46804	A minor information leak when running Screen with setuid-root privileg ...	bookworm, bullseye
	CVE-2025-46805	Screen version 5.0.0 and older version 4 releases have a TOCTOU race ...	bookworm, bullseye
scummvm	CVE-2017-17528	backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not valida ...	bookworm, bullseye, sid, trixie
sdop	CVE-2024-41881	SDoP versions prior to 1.11 fails to handle appropriately some paramet ...	bookworm, bullseye, sid, trixie
seahorse	CVE-2008-7320	GNOME Seahorse through 3.30 allows physically proximate attackers to r ...	bookworm, bullseye, sid, trixie
shadow	CVE-2007-5686	initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ...	bookworm, bullseye, sid, trixie
	CVE-2013-4235	shadow: TOCTOU (time-of-check time-of-use) race condition when copying ...	bullseye
	TEMP-0628843-DBAD28	more related to CVE-2005-4890	bookworm, bullseye, sid, trixie
shadowsocks-libev	CVE-2019-5152	An exploitable information disclosure vulnerability exists in the netw ...	bookworm, bullseye, sid, trixie
sharutils	TEMP-0000000-95CBBF	uudecode: stack out of bounds read access	bookworm, bullseye, sid, trixie
shibboleth-sp	CVE-2019-19191	Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file ...	bookworm, bullseye, sid, trixie
singular	CVE-2022-40299	In Singular before 4.3.1, a predictable /tmp pathname is used (e.g., b ...	bookworm, bullseye, sid, trixie
sipcrack	CVE-2017-11654	An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 ...	bookworm, bullseye, sid, trixie
	CVE-2017-11655	A memory leak was found in the way SIPcrack 0.2 handled processing of ...	bookworm, bullseye, sid, trixie
slang2	CVE-2023-45927	S-Lang 2.3.2 was discovered to contain an arithmetic exception via the ...	bookworm, bullseye, sid, trixie
	CVE-2023-45929	S-Lang 2.3.2 was discovered to contain a segmentation fault via the fu ...	bookworm, bullseye, sid, trixie
sleuthkit	CVE-2018-11737	An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from rel ...	bookworm, bullseye, sid, trixie
	CVE-2018-11738	An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from rel ...	bookworm, bullseye, sid, trixie
	CVE-2018-11739	An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from re ...	bookworm, bullseye, sid, trixie
	CVE-2018-11740	An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from r ...	bookworm, bullseye, sid, trixie
	CVE-2019-14531	An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out ...	bookworm, bullseye, sid, trixie
	CVE-2019-14532	An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off ...	bookworm, bullseye, sid, trixie
	CVE-2020-10233	In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap- ...	bookworm, bullseye, sid, trixie
slic3r	CVE-2020-28590	An out-of-bounds read vulnerability exists in the Obj File TriangleMes ...	bookworm, bullseye, sid
	CVE-2021-44961	A memory leakage flaw exists in the class PerimeterGenerator of Slic3r ...	bookworm, bullseye, sid
	CVE-2021-44962	An out-of-bounds read vulnerability exists in the GCode::extrude() fun ...	bookworm, bullseye, sid
	CVE-2021-45846	A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an attacker ...	bookworm, bullseye, sid
	CVE-2021-45847	Several missing input validations in the 3MF parser component of Slic3 ...	bookworm, bullseye, sid
slim	TEMP-0537604-F35BD7	insecure tmp file vulnerability in slim	bookworm, bullseye, sid, trixie
snakeyaml	CVE-2022-1471	SnakeYaml's Constructor() class does not restrict types which can be i ...	bookworm, bullseye, sid, trixie
	CVE-2022-38752	Using snakeYAML to parse untrusted YAML files may be vulnerable to Den ...	bullseye
	CVE-2022-41854	Those using Snakeyaml to parse untrusted YAML files may be vulnerable ...	bullseye
sngrep	CVE-2023-31981	Sngrep v1.6.0 was discovered to contain a stack buffer overflow via th ...	bookworm, bullseye
	CVE-2023-31982	Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the ...	bookworm, bullseye
	CVE-2023-36192	Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the ...	bookworm, bullseye
	CVE-2024-35434	Irontec Sngrep v1.8.1 was discovered to contain a heap buffer overflow ...	bookworm, bullseye, sid, trixie
socat	CVE-2024-54661	readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 fi ...	bookworm, bullseye
software-properties	CVE-2020-15709	Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20 ...	bookworm, bullseye, sid
sosreport	CVE-2014-0246	SOSreport stores the md5 hash of the GRUB bootloader password in an ar ...	bookworm, bullseye
spice-gtk	CVE-2016-3066	The spice-gtk widget allows remote authenticated users to obtain infor ...	bookworm, bullseye, sid, trixie
sql-ledger	CVE-2007-0667	The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2 ...	bookworm, bullseye, sid, trixie
	CVE-2007-1329	Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before ...	bookworm, bullseye, sid, trixie
	CVE-2007-1923	(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control ...	bookworm, bullseye, sid, trixie
	CVE-2007-5372	Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through ...	bookworm, bullseye, sid, trixie
	CVE-2008-4077	The CGI scripts in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledg ...	bookworm, bullseye, sid, trixie
	CVE-2008-4078	SQL injection vulnerability in the AR/AP transaction report in (1) Led ...	bookworm, bullseye, sid, trixie
	CVE-2009-3580	Cross-site request forgery (CSRF) vulnerability in am.pl in SQL-Ledger ...	bookworm, bullseye, sid, trixie
	CVE-2009-3581	Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8. ...	bookworm, bullseye, sid, trixie
	CVE-2009-3582	Multiple SQL injection vulnerabilities in the delete subroutine in SQL ...	bookworm, bullseye, sid, trixie
	CVE-2009-3583	Directory traversal vulnerability in the Preferences menu item in SQL- ...	bookworm, bullseye, sid, trixie
	CVE-2009-3584	SQL-Ledger 2.8.24 does not set the secure flag for the session cookie ...	bookworm, bullseye, sid, trixie
	CVE-2009-4402	The default configuration of SQL-Ledger 2.8.24 allows remote attackers ...	bookworm, bullseye, sid, trixie
sqlite3	CVE-2021-45346	A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 an ...	bookworm, bullseye, sid, trixie
	CVE-2022-35737	SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-b ...	bullseye
sqlitedict	CVE-2024-35515	Insecure deserialization in sqlitedict up to v2.1.0 allows attackers t ...	bookworm, sid, trixie
sqliteodbc	CVE-2020-12050	SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.99 ...	bookworm, bullseye, sid, trixie
squid	CVE-2019-12522	An issue was discovered in Squid through 4.7. When Squid is run as roo ...	bookworm, bullseye, sid, trixie
ssmtp	CVE-2004-0423	The log_event function in ssmtp 2.50.6 and earlier allows local users ...	bookworm, bullseye, sid, trixie
	CVE-2008-7258	The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.6 ...	bookworm, bullseye, sid, trixie
stalin	CVE-2015-8697	stalin 0.11-5 allows local users to write to arbitrary files.	bookworm, bullseye, sid, trixie
strongswan	CVE-2018-5389	The Internet Key Exchange v1 main mode is vulnerable to offline dictio ...	bookworm, bullseye, sid, trixie
sudo	CVE-2005-1119	Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary ...	bookworm, bullseye, sid, trixie
	CVE-2022-43995	Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains ...	bullseye
supervisor	CVE-2019-12105	In Supervisor through 4.0.2, an unauthenticated user can read log file ...	bookworm, bullseye, sid, trixie
surf	CVE-2014-3566	The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ...	bookworm, bullseye, sid, trixie
svgpp	CVE-2019-6245	An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SV ...	bookworm, bullseye, sid, trixie
	CVE-2019-6247	An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SV ...	bookworm, bullseye, sid, trixie
swfmill	CVE-2022-36140	SWFMill commit 53d7690 was discovered to contain a segmentation violat ...	bullseye
	CVE-2022-36141	SWFMill commit 53d7690 was discovered to contain a segmentation violat ...	bullseye
	CVE-2022-36142	SWFMill commit 53d7690 was discovered to contain a heap-buffer overflo ...	bullseye
	CVE-2022-36143	SWFMill commit 53d7690 was discovered to contain a heap-buffer overflo ...	bullseye
	CVE-2022-36145	SWFMill commit 53d7690 was discovered to contain a segmentation violat ...	bullseye
	CVE-2022-36146	SWFMill commit 53d7690 was discovered to contain a memory allocation i ...	bullseye
swi-prolog	CVE-2017-17524	library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings b ...	bookworm, bullseye, sid, trixie
sylpheed	CVE-2007-1267	Sylpheed 2.2.7 and earlier does not properly use the --status-fd argum ...	bookworm, bullseye, sid, trixie
	CVE-2017-17517	libsylph/utils.c in Sylpheed through 3.6 does not validate strings bef ...	bookworm, bullseye, sid, trixie
symfony	CVE-2024-36611	In Symfony v7.07, a security vulnerability was identified in the FormL ...	bookworm, bullseye, sid, trixie
systemd	CVE-2013-4392	systemd, when updating file permissions, allows local users to change ...	bookworm, bullseye, sid, trixie
	CVE-2020-13529	An exploitable denial-of-service vulnerability exists in Systemd 245. ...	bullseye
	CVE-2023-31437	An issue was discovered in systemd 253. An attacker can modify a seale ...	bookworm, bullseye, sid, trixie
	CVE-2023-31438	An issue was discovered in systemd 253. An attacker can truncate a sea ...	bookworm, bullseye, sid, trixie
	CVE-2023-31439	An issue was discovered in systemd 253. An attacker can modify the con ...	bookworm, bullseye, sid, trixie
sysvinit	TEMP-0517018-A83CE6	sysvinit: no-root option in expert installer exposes locally exploitable security flaw	bookworm, bullseye, sid, trixie
tar	CVE-2005-2541	Tar 1.15.1 does not properly warn the user when extracting setuid or s ...	bookworm, bullseye, sid, trixie
	TEMP-0290435-0B57B5	tar's rmt command may have undesired side effects	bookworm, bullseye, sid, trixie
tarantool	CVE-2025-6536	A vulnerability has been found in Tarantool up to 3.3.1 and classified ...	bookworm, bullseye, sid, trixie
tcc	CVE-2018-20374	An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...	bookworm, bullseye, sid, trixie
	CVE-2018-20375	An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...	bookworm, bullseye, sid, trixie
	CVE-2018-20376	An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...	bookworm, bullseye, sid, trixie
tcl8.6	CVE-2021-35331	In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow ...	bookworm, bullseye, sid, trixie
tcpdump	CVE-2018-19519	In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_p ...	bookworm, bullseye, sid, trixie
	CVE-2019-1010220	tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. T ...	bookworm, bullseye, sid, trixie
	CVE-2023-1801	The SMB protocol decoder in tcpdump version 4.99.3 can perform an out- ...	bookworm, bullseye
tcpreplay	CVE-2020-24265	An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap b ...	bullseye
	CVE-2020-24266	An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap b ...	bullseye
	CVE-2021-45386	tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c	bullseye
	CVE-2021-45387	tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c ...	bullseye
	CVE-2022-25484	tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet ...	bullseye
	CVE-2022-27416	Tcpreplay v4.4.1 was discovered to contain a double-free via __interce ...	bullseye
	CVE-2022-27418	Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math ...	bullseye
	CVE-2022-27939	tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_ ...	bullseye
	CVE-2022-27940	tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get ...	bullseye
	CVE-2022-27941	tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get ...	bullseye
	CVE-2022-27942	tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_ ...	bullseye
	CVE-2022-28487	Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_che ...	bullseye
	CVE-2022-37047	The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain ...	bullseye
	CVE-2022-37048	The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain ...	bullseye
	CVE-2022-37049	The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a ...	bullseye
	CVE-2023-4256	Within tcpreplay's tcprewrite, a double free vulnerability has been id ...	bookworm, bullseye
	CVE-2023-27783	An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacke ...	bookworm, bullseye
	CVE-2023-27784	An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause ...	bookworm, bullseye
	CVE-2023-27785	An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker t ...	bookworm, bullseye
	CVE-2023-27786	An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a ...	bookworm, bullseye
	CVE-2023-27787	An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a ...	bookworm, bullseye
	CVE-2023-27788	An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause ...	bookworm, bullseye
	CVE-2023-27789	An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a ...	bookworm, bullseye
	CVE-2023-43279	Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcprepla ...	bookworm, bullseye
	CVE-2024-3024	A vulnerability was found in appneta tcpreplay up to 4.4.4. It has bee ...	bookworm, bullseye, sid, trixie
	CVE-2024-22654	tcpreplay v4.4.4 was discovered to contain an infinite loop via the tc ...	bookworm, bullseye
telegram-desktop	CVE-2018-17231	Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause ...	bookworm, bullseye, sid
	CVE-2018-17613	Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is enab ...	bookworm, bullseye, sid
texlive-base	CVE-2017-17513	TeX Live through 20170524 does not validate strings before launching t ...	bookworm, bullseye, sid, trixie, bookworm, bullseye, sid, trixie
texlive-bin	CVE-2019-19601	OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of ...	bookworm, bullseye, sid, trixie
	CVE-2022-33047	OTFCC v0.10.4 was discovered to contain a heap buffer overflow after f ...	bookworm, sid, trixie
	CVE-2022-35021	OTFCC commit 617837b was discovered to contain a global buffer overflo ...	bookworm, sid, trixie
	CVE-2022-35022	OTFCC commit 617837b was discovered to contain a segmentation violatio ...	bookworm, sid, trixie
	CVE-2022-35023	OTFCC commit 617837b was discovered to contain a segmentation violatio ...	bookworm, sid, trixie
	CVE-2022-35024	OTFCC commit 617837b was discovered to contain a segmentation violatio ...	bookworm, sid, trixie
	CVE-2022-35025	OTFCC commit 617837b was discovered to contain a segmentation violatio ...	bookworm, sid, trixie
	CVE-2022-35026	OTFCC commit 617837b was discovered to contain a segmentation violatio ...	bookworm, sid, trixie
	CVE-2022-35027	OTFCC commit 617837b was discovered to contain a segmentation violatio ...	bookworm, sid, trixie
	CVE-2022-35028	OTFCC commit 617837b was discovered to contain a segmentation violatio ...	bookworm, sid, trixie
	CVE-2022-35029	OTFCC commit 617837b was discovered to contain a segmentation violatio ...	bookworm, sid, trixie
	CVE-2022-35030	OTFCC commit 617837b was discovered to contain a segmentation violatio ...	bookworm, sid, trixie
	CVE-2022-35031	OTFCC commit 617837b was discovered to contain a segmentation violatio ...	bookworm, sid, trixie
	CVE-2022-35032	OTFCC commit 617837b was discovered to contain a segmentation violatio ...	bookworm, sid, trixie
	CVE-2022-35034	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35035	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35036	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35037	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35038	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35039	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35040	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35041	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35042	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35043	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35044	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35045	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35046	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35047	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35048	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35049	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35050	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35051	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35052	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35053	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35054	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35055	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35056	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35058	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35059	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35060	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35061	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35062	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35063	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35064	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35065	OTFCC commit 617837b was discovered to contain a segmentation violatio ...	bookworm, sid, trixie
	CVE-2022-35066	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35067	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35068	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35069	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35070	OTFCC commit 617837b was discovered to contain a heap buffer overflow ...	bookworm, sid, trixie
	CVE-2022-35447	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35448	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35449	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35450	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35451	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35452	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35453	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35454	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35455	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35456	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35458	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35459	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35460	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35461	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35462	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35463	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35464	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35465	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35466	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35467	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35468	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35469	OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...	bookworm, sid, trixie
	CVE-2022-35470	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35471	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35472	OTFCC v0.10.4 was discovered to contain a global overflow via /release ...	bookworm, sid, trixie
	CVE-2022-35473	OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...	bookworm, sid, trixie
	CVE-2022-35474	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35475	OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...	bookworm, sid, trixie
	CVE-2022-35476	OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...	bookworm, sid, trixie
	CVE-2022-35477	OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...	bookworm, sid, trixie
	CVE-2022-35478	OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...	bookworm, sid, trixie
	CVE-2022-35479	OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...	bookworm, sid, trixie
	CVE-2022-35481	OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...	bookworm, sid, trixie
	CVE-2022-35482	OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...	bookworm, sid, trixie
	CVE-2022-35483	OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...	bookworm, sid, trixie
	CVE-2022-35484	OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...	bookworm, sid, trixie
	CVE-2022-35485	OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...	bookworm, sid, trixie
	CVE-2022-35486	OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...	bookworm, sid, trixie
	CVE-2023-46048	Tex Live 944e257 has a NULL pointer dereference in texk/web2c/pdftexdi ...	bookworm, bullseye, sid, trixie
	CVE-2023-46051	TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdfte ...	bookworm, bullseye, sid, trixie
thunar	CVE-2018-18398	Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey ...	bookworm, bullseye, sid, trixie
	TEMP-0517020-915121	thunar: potential exploits via application launchers	bookworm, bullseye, sid, trixie
tiff	CVE-2017-5563	LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read i ...	bookworm, bullseye, sid, trixie
	CVE-2017-9117	In LibTIFF 4.0.6 and possibly other versions, the program processes BM ...	bookworm, bullseye, sid, trixie
	CVE-2017-16232	LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow at ...	bookworm, bullseye, sid, trixie
	CVE-2017-17973	In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writ ...	bookworm, bullseye, sid, trixie
	CVE-2018-10126	ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other pr ...	bookworm, bullseye, sid, trixie
	CVE-2022-1056	Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers ...	bullseye
	CVE-2022-1210	A vulnerability classified as problematic was found in LibTIFF 4.3.0. ...	bookworm, bullseye, sid, trixie
	CVE-2023-1916	A flaw was found in tiffcrop, a program distributed by the libtiff pac ...	bookworm, bullseye, sid, trixie
	CVE-2023-3164	A heap-buffer-overflow vulnerability was found in LibTIFF, in extractI ...	bookworm, bullseye, sid, trixie
	CVE-2023-6228	An issue was found in the tiffcp utility distributed by the libtiff pa ...	bookworm, bullseye, sid, trixie
	CVE-2023-30775	A vulnerability was found in the libtiff library. This security flaw c ...	bullseye
tiles	CVE-2023-49735	UNSUPPORTED WHEN ASSIGNED The value set as the DefaultLocaleRes ...	bookworm, bullseye, sid, trixie
timidity	CVE-2017-11549	The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remot ...	bookworm, bullseye, sid, trixie
tin	CVE-2017-17520	tools/url_handler.pl in TIN 2.4.1 does not validate strings before lau ...	bookworm, bullseye, sid, trixie
tinyexr	CVE-2018-12687	tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h ...	bookworm, bullseye, sid, trixie
tinymux	CVE-2007-1959	Unspecified vulnerability in the process_cmdent function in command.cp ...	bookworm, bullseye, sid, trixie
tinyssh	CVE-2023-48795	The SSH transport protocol with certain OpenSSH extensions, found in O ...	bookworm, bullseye
tinyxml2	CVE-2018-11210	TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::P ...	bookworm, bullseye, sid, trixie
tomcat9	CVE-2022-34305	In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 ...	bullseye
tor	CVE-2006-6893	Tor allows remote attackers to discover the IP address of a hidden ser ...	bookworm, bullseye, sid, trixie
	CVE-2007-1103	Tor does not verify a node's uptime and bandwidth advertisements, whic ...	bookworm, bullseye, sid, trixie
	CVE-2009-0654	Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attacke ...	bookworm, bullseye, sid, trixie
	CVE-2020-8516	The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0.4.2.6 does not ...	bookworm, bullseye, sid, trixie
triplea	CVE-2018-1000546	Triplea version <= 1.9.0.0.10291 contains a XML External Entity (XXE) ...	bookworm, bullseye, sid, trixie
trousers	CVE-2020-24330	An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ...	bullseye
	CVE-2020-24331	An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ...	bullseye
	CVE-2020-24332	An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ...	bullseye
u-boot	CVE-2017-3225	Das U-Boot is a device bootloader that can read its configuration from ...	bookworm, bullseye, sid, trixie
	CVE-2017-3226	Das U-Boot is a device bootloader that can read its configuration from ...	bookworm, bullseye, sid, trixie
	CVE-2018-18439	DENX U-Boot through 2018.09-rc1 has a remotely exploitable buffer over ...	bookworm, bullseye, sid, trixie
	CVE-2018-18440	DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overf ...	bookworm, bullseye, sid, trixie
	CVE-2018-1000205	U-Boot contains a CWE-20: Improper Input Validation vulnerability in V ...	bookworm, bullseye, sid, trixie
uclibc	CVE-2017-9728	In uClibc 0.9.33.2, there is an out-of-bounds read in the get_subexp f ...	bookworm, bullseye, sid, trixie
	CVE-2017-9729	In uClibc 0.9.33.2, there is stack exhaustion (uncontrolled recursion) ...	bookworm, bullseye, sid, trixie
	CVE-2021-27419	uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-arou ...	bookworm, bullseye, sid, trixie
	CVE-2021-43523	In uClibc and uClibc-ng before 1.0.39, incorrect handling of special c ...	bookworm, bullseye, sid, trixie
	CVE-2022-29503	A memory corruption vulnerability exists in the libpthread linuxthread ...	bookworm, bullseye, sid, trixie
	CVE-2022-30295	uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable D ...	bookworm, bullseye, sid, trixie
uglify-js	CVE-2022-37598	Prototype pollution vulnerability in function DEFNODE in ast.js in mis ...	bookworm, bullseye, sid, trixie, bullseye, sid, trixie
unbound	CVE-2024-43167	DISPUTE NOTE: this issue does not pose a security risk as it (accordin ...	bookworm
	CVE-2024-43168	DISPUTE NOTE: this issue does not pose a security risk as it (accordin ...	bookworm
unixodbc	CVE-2024-1013	An out-of-bounds stack write flaw was found in unixODBC on 64-bit arch ...	bookworm, bullseye, sid, trixie
unrar-free	CVE-2017-11190	unrarlib.c in unrar-free 0.0.1, when _DEBUG_LOG mode is enabled, might ...	bullseye
unzip	CVE-2021-4217	A flaw was found in unzip. The vulnerability occurs due to improper ha ...	bookworm, bullseye, sid, trixie
upx-ucl	CVE-2020-24119	A heap buffer overflow read was discovered in upx 4.0.0, because the c ...	bullseye
	CVE-2020-27796	A heap-based buffer over-read was discovered in the invert_pt_dynamic ...	bullseye
	CVE-2020-27797	An invalid memory address reference was discovered in the elf_lookup f ...	bullseye
	CVE-2020-27798	An invalid memory address reference was discovered in the adjABS funct ...	bullseye
	CVE-2020-27799	A heap-based buffer over-read was discovered in the acc_ua_get_be32 fu ...	bullseye
	CVE-2020-27800	A heap-based buffer over-read was discovered in the get_le32 function ...	bullseye
	CVE-2020-27801	A heap-based buffer over-read was discovered in the get_le64 function ...	bullseye
	CVE-2020-27802	An floating point exception was discovered in the elf_lookup function ...	bullseye
	CVE-2021-20285	A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw ...	bullseye
	CVE-2021-30500	Null pointer dereference was found in upx PackLinuxElf::canUnpack() in ...	bullseye
	CVE-2021-30501	An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in ...	bullseye
	CVE-2021-43311	A heap-based buffer overflow was discovered in upx, during the generic ...	bullseye
	CVE-2021-43312	A heap-based buffer overflow was discovered in upx, during the variabl ...	bullseye
	CVE-2021-43313	A heap-based buffer overflow was discovered in upx, during the variabl ...	bullseye
	CVE-2021-43314	A heap-based buffer overflows was discovered in upx, during the generi ...	bullseye
	CVE-2021-43315	A heap-based buffer overflows was discovered in upx, during the generi ...	bullseye
	CVE-2021-43316	A heap-based buffer overflow was discovered in upx, during the generic ...	bullseye
	CVE-2021-43317	A heap-based buffer overflows was discovered in upx, during the generi ...	bullseye
	CVE-2021-46179	Reachable Assertion vulnerability in upx before 4.0.0 allows attackers ...	bullseye
	CVE-2023-23457	A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dyn ...	bullseye
	CVE-2024-3209	A vulnerability was found in UPX up to 4.2.2. It has been rated as cri ...	bullseye
util-linux	CVE-2022-0563	A flaw was found in the util-linux chfn and chsh utilities when compil ...	bookworm, bullseye, sid, trixie
uwsgi	CVE-2020-11984	Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure an ...	bookworm, bullseye, sid, trixie
	CVE-2021-36160	A carefully crafted request uri-path can cause mod_proxy_uwsgi to read ...	bookworm, bullseye, sid, trixie
	CVE-2024-24795	HTTP Response splitting in multiple modules in Apache HTTP Server allo ...	bookworm, bullseye, sid, trixie
v4l2loopback	CVE-2022-2652	Depending on the way the format strings in the card label are crafted ...	bullseye
varnish	CVE-2009-4488	Varnish 2.0.6 writes data to a log file without sanitizing non-printab ...	bookworm, bullseye, sid, trixie
vim	CVE-2008-4677	autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions ...	bookworm, bullseye, sid, trixie
	CVE-2017-1000382	VIM version 8.0.1187 (and other versions most likely) ignores umask wh ...	bookworm, bullseye, sid, trixie
	CVE-2021-3903	vim is vulnerable to Heap-based Buffer Overflow	bullseye
	CVE-2021-3927	vim is vulnerable to Heap-based Buffer Overflow	bullseye
	CVE-2021-3928	vim is vulnerable to Use of Uninitialized Variable	bullseye
	CVE-2021-3968	vim is vulnerable to Heap-based Buffer Overflow	bullseye
	CVE-2021-3973	vim is vulnerable to Heap-based Buffer Overflow	bullseye
	CVE-2021-3974	vim is vulnerable to Use After Free	bullseye
	CVE-2021-3984	vim is vulnerable to Heap-based Buffer Overflow	bullseye
	CVE-2021-4069	vim is vulnerable to Use After Free	bullseye
	CVE-2021-4136	vim is vulnerable to Heap-based Buffer Overflow	bullseye
	CVE-2021-4166	vim is vulnerable to Out-of-bounds Read	bullseye
	CVE-2021-4192	vim is vulnerable to Use After Free	bullseye
	CVE-2021-4193	vim is vulnerable to Out-of-bounds Read	bullseye
	CVE-2022-0156	vim is vulnerable to Use After Free	bullseye
	CVE-2022-0158	vim is vulnerable to Heap-based Buffer Overflow	bullseye
	CVE-2022-0213	vim is vulnerable to Heap-based Buffer Overflow	bullseye
	CVE-2022-0318	Heap-based Buffer Overflow in vim/vim prior to 8.2.	bullseye
	CVE-2022-0319	Out-of-bounds Read in vim/vim prior to 8.2.	bullseye
	CVE-2022-0368	Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-0393	Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-0407	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-0408	Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-0413	Use After Free in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-0443	Use After Free in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-0554	Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...	bullseye
	CVE-2022-0629	Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-0685	Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...	bullseye
	CVE-2022-0696	NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.442 ...	bullseye
	CVE-2022-0714	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4 ...	bullseye
	CVE-2022-0729	Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...	bullseye
	CVE-2022-0943	Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim ...	bullseye
	CVE-2022-1154	Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8 ...	bullseye
	CVE-2022-1420	Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...	bullseye
	CVE-2022-1619	Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub r ...	bullseye
	CVE-2022-1620	NULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ...	bullseye
	CVE-2022-1621	Heap buffer overflow in vim_strncpy find_word in GitHub repository vim ...	bullseye
	CVE-2022-1629	Buffer Over-read in function find_next_quote in GitHub repository vim/ ...	bullseye
	CVE-2022-1674	NULL Pointer Dereference in function vim_regexec_string at regexp.c:27 ...	bullseye
	CVE-2022-1720	Buffer Over-read in function grab_file_name in GitHub repository vim/v ...	bullseye
	CVE-2022-1725	NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.495 ...	bullseye
	CVE-2022-1733	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4 ...	bullseye
	CVE-2022-1735	Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969 ...	bullseye
	CVE-2022-1769	Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.	bullseye
	CVE-2022-1771	Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975.	bullseye
	CVE-2022-1796	Use After Free in GitHub repository vim/vim prior to 8.2.4979.	bullseye
	CVE-2022-1851	Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-1886	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-1898	Use After Free in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-1927	Buffer Over-read in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-1968	Use After Free in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-2042	Use After Free in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-2124	Buffer Over-read in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-2125	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-2126	Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-2175	Buffer Over-read in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-2182	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-2183	Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-2206	Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-2207	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-2208	NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.516 ...	bullseye
	CVE-2022-2210	Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-2231	NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.	bullseye
	CVE-2022-2257	Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.	bullseye
	CVE-2022-2264	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.	bullseye
	CVE-2022-2284	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.	bullseye
	CVE-2022-2285	Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9 ...	bullseye
	CVE-2022-2286	Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.	bullseye
	CVE-2022-2287	Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.	bullseye
	CVE-2022-2289	Use After Free in GitHub repository vim/vim prior to 9.0.	bullseye
	CVE-2022-2343	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...	bullseye
	CVE-2022-2344	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...	bullseye
	CVE-2022-2345	Use After Free in GitHub repository vim/vim prior to 9.0.0046.	bullseye
	CVE-2022-2522	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...	bullseye
	CVE-2022-2571	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...	bullseye
	CVE-2022-2581	Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104.	bullseye
	CVE-2022-2598	Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0 ...	bullseye
	CVE-2022-2816	Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.	bullseye
	CVE-2022-2817	Use After Free in GitHub repository vim/vim prior to 9.0.0213.	bullseye
	CVE-2022-2819	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...	bullseye
	CVE-2022-2845	Improper Validation of Specified Quantity in Input in GitHub repositor ...	bullseye
	CVE-2022-2849	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...	bullseye
	CVE-2022-2862	Use After Free in GitHub repository vim/vim prior to 9.0.0221.	bullseye
	CVE-2022-2874	NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.022 ...	bullseye
	CVE-2022-2889	Use After Free in GitHub repository vim/vim prior to 9.0.0225.	bullseye
	CVE-2022-2923	NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.024 ...	bullseye
	CVE-2022-2946	Use After Free in GitHub repository vim/vim prior to 9.0.0246.	bullseye
	CVE-2022-2980	NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.025 ...	bullseye
	CVE-2022-2982	Use After Free in GitHub repository vim/vim prior to 9.0.0260.	bullseye
	CVE-2022-3016	Use After Free in GitHub repository vim/vim prior to 9.0.0286.	bullseye
	CVE-2022-3037	Use After Free in GitHub repository vim/vim prior to 9.0.0322.	bullseye
	CVE-2022-3153	NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.040 ...	bullseye
	CVE-2022-3234	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...	bullseye
	CVE-2022-3235	Use After Free in GitHub repository vim/vim prior to 9.0.0490.	bullseye
	CVE-2022-3256	Use After Free in GitHub repository vim/vim prior to 9.0.0530.	bullseye
	CVE-2022-3278	NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.055 ...	bullseye
	CVE-2022-3296	Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...	bullseye
	CVE-2022-3297	Use After Free in GitHub repository vim/vim prior to 9.0.0579.	bullseye
	CVE-2022-3352	Use After Free in GitHub repository vim/vim prior to 9.0.0614.	bullseye
	CVE-2022-3491	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...	bullseye
	CVE-2022-3520	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...	bullseye
	CVE-2022-3591	Use After Free in GitHub repository vim/vim prior to 9.0.0789.	bullseye
	CVE-2022-3705	A vulnerability was found in vim and classified as problematic. Affect ...	bullseye
	CVE-2022-4292	Use After Free in GitHub repository vim/vim prior to 9.0.0882.	bullseye
	CVE-2022-4293	Floating Point Comparison with Incorrect Operator in GitHub repository ...	bullseye
	CVE-2022-47024	A null pointer dereference issue was discovered in function gui_x11_cr ...	bullseye
	CVE-2023-0049	Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.	bullseye
	CVE-2023-0051	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ...	bullseye
	CVE-2023-0288	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ...	bullseye
	CVE-2023-0433	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ...	bullseye
	CVE-2023-0512	Divide By Zero in GitHub repository vim/vim prior to 9.0.1247.	bullseye
	CVE-2023-1170	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ...	bullseye
	CVE-2023-1264	NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.139 ...	bookworm, bullseye
	CVE-2023-1355	NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.140 ...	bookworm, bullseye
	CVE-2023-2609	NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.153 ...	bookworm, bullseye
	CVE-2023-3896	Divide By Zero in vim/vim from9.0.1367-1 to9.0.1367-3	bookworm, bullseye
	CVE-2023-4733	Use After Free in GitHub repository vim/vim prior to 9.0.1840.	bookworm, bullseye
	CVE-2023-4734	Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9 ...	bookworm, bullseye
	CVE-2023-4735	Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.	bookworm, bullseye
	CVE-2023-4750	Use After Free in GitHub repository vim/vim prior to 9.0.1857.	bookworm, bullseye
	CVE-2023-4751	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ...	bookworm, bullseye
	CVE-2023-5441	NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161a ...	bookworm, bullseye
	CVE-2023-5535	Use After Free in GitHub repository vim/vim prior to v9.0.2010.	bookworm, bullseye
	CVE-2023-46246	Vim is an improved version of the good old UNIX editor Vi. Heap-use-af ...	bookworm, bullseye
	CVE-2023-48231	Vim is an open source command line text editor. When closing a window, ...	bookworm, bullseye
	CVE-2023-48232	Vim is an open source command line text editor. A floating point excep ...	bookworm, bullseye
	CVE-2023-48233	Vim is an open source command line text editor. If the count after the ...	bookworm, bullseye
	CVE-2023-48234	Vim is an open source command line text editor. When getting the count ...	bookworm, bullseye
	CVE-2023-48235	Vim is an open source command line text editor. When parsing relative ...	bookworm, bullseye
	CVE-2023-48236	Vim is an open source command line text editor. When using the z= comm ...	bookworm, bullseye
	CVE-2023-48237	Vim is an open source command line text editor. In affected versions w ...	bookworm, bullseye
	CVE-2023-48706	Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-a ...	bookworm, bullseye
	CVE-2024-41957	Vim is an open source command line text editor. Vim < v9.1.0647 has do ...	bookworm, bullseye
	CVE-2024-41965	Vim is an open source command line text editor. double-free in dialog_ ...	bookworm, bullseye
	CVE-2024-43374	The UNIX editor Vim prior to version 9.1.0678 has a use-after-free err ...	bookworm, bullseye
	CVE-2024-43790	Vim is an open source command line text editor. When performing a sear ...	bookworm, bullseye
	CVE-2025-1215	A vulnerability classified as problematic was found in vim up to 9.1.1 ...	bookworm, bullseye
	CVE-2025-22134	When switching to other buffers using the :all command and visual mode ...	bookworm, bullseye
	CVE-2025-24014	Vim is an open source, command line text editor. A segmentation fault ...	bookworm, bullseye
	CVE-2025-26603	Vim is a greatly improved version of the good old UNIX editor Vi. Vim ...	bookworm, bullseye
vino	CVE-2011-1164	Vino before 2.99.4 can connect external networks contrary to the state ...	bookworm, bullseye
	CVE-2011-1165	Vino, possibly before 3.2, does not properly document that it opens po ...	bookworm, bullseye
vorbis-tools	CVE-2017-11331	The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 ...	bookworm, bullseye
	CVE-2023-43361	Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local a ...	bookworm, bullseye
vte	CVE-2005-0023	gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to sp ...	bookworm, bullseye, sid, trixie
	CVE-2024-37535	GNOME VTE before 0.76.3 allows an attacker to cause a denial of servic ...	bookworm, bullseye, sid, trixie
w3m	CVE-2023-38252	An out-of-bounds read flaw was found in w3m, in the Strnew_size functi ...	bookworm, bullseye, sid, trixie
	CVE-2023-38253	An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str fun ...	bookworm, bullseye, sid, trixie
	TEMP-0532514-9137E0	predictable random number generator used in web browsers	bookworm, bullseye, sid, trixie
wabt	CVE-2022-43280	wasm-interp v1.0.29 was discovered to contain an out-of-bounds read vi ...	bullseye
	CVE-2022-43281	wasm-interp v1.0.29 was discovered to contain a heap overflow via the ...	bullseye
	CVE-2022-43282	wasm-interp v1.0.29 was discovered to contain an out-of-bounds read vi ...	bullseye
	CVE-2022-43283	wasm2c v1.0.29 was discovered to contain an abort in CWriter::Write.	bullseye
	CVE-2023-27115	WebAssembly v1.0.29 was discovered to contain a segmentation fault via ...	bookworm, bullseye, sid, trixie
	CVE-2023-27116	WebAssembly v1.0.29 discovered to contain an abort in CWriter::MangleT ...	bookworm, bullseye
	CVE-2023-27117	WebAssembly v1.0.29 was discovered to contain a heap overflow via the ...	bookworm, bullseye, sid, trixie
	CVE-2023-27119	WebAssembly v1.0.29 was discovered to contain a segmentation fault via ...	bookworm, bullseye, sid, trixie
	CVE-2023-30300	An issue in the component hang.wasm of WebAssembly 1.0 causes an infin ...	bookworm, bullseye
	CVE-2023-31669	WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dyl ...	bookworm, bullseye
	CVE-2023-31670	An issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and ...	bookworm, bullseye
	CVE-2023-46331	WebAssembly wabt 1.0.33 has an Out-of-Bound Memory Read in in DataSegm ...	bookworm, bullseye, sid, trixie
	CVE-2025-2368	A vulnerability was found in WebAssembly wabt 1.0.36 and classified as ...	bookworm, bullseye, sid, trixie
	CVE-2025-2584	A vulnerability was found in WebAssembly wabt 1.0.36. It has been decl ...	bookworm, bullseye, sid, trixie
	CVE-2025-3122	A vulnerability classified as problematic was found in WebAssembly wab ...	bookworm, bullseye, sid, trixie
	CVE-2025-6273	A vulnerability was found in WebAssembly wabt up to 1.0.37 and classif ...	bookworm, bullseye, sid, trixie
	CVE-2025-6274	A vulnerability was found in WebAssembly wabt up to 1.0.37. It has bee ...	bookworm, bullseye, sid, trixie
	CVE-2025-6275	A vulnerability was found in WebAssembly wabt up to 1.0.37. It has bee ...	bookworm, bullseye, sid, trixie
wavpack	CVE-2021-44269	An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV f ...	bullseye
wheel	CVE-2022-40898	An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 ...	bullseye
whitedune	CVE-2017-17518	swt/motif/browser.c in White_dune (aka whitedune) 0.30.10 does not val ...	bookworm, bullseye, sid
whohas	CVE-2021-4258	A vulnerability was found in whohas. It has been rated as problematic. ...	bookworm, bullseye, sid, trixie
wireshark	CVE-2024-4855	Use after free issue in editcap could cause denial of service via craf ...	bullseye
	CVE-2024-9780	ITS dissector crash in Wireshark 4.4.0 allows denial of service via pa ...	bookworm, bullseye
	CVE-2024-9781	AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4. ...	bookworm, bullseye
	CVE-2025-1492	Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 ...	bookworm
wkhtmltopdf	CVE-2022-35583	wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to g ...	bookworm, bullseye
wolfssl	CVE-2023-6935	wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Att ...	bookworm, bullseye
wordpress	CVE-2006-0733	Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows rem ...	bookworm, bullseye, sid, trixie
	CVE-2008-0191	WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive ...	bookworm, bullseye, sid, trixie
	CVE-2011-4898	wp-admin/setup-config.php in the installation component in WordPress 3 ...	bookworm, bullseye, sid, trixie
	CVE-2011-4899	wp-admin/setup-config.php in the installation component in WordPress 3 ...	bookworm, bullseye, sid, trixie
	CVE-2012-0782	Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup- ...	bookworm, bullseye, sid, trixie
	CVE-2012-0937	wp-admin/setup-config.php in the installation component in WordPress 3 ...	bookworm, bullseye, sid, trixie
	CVE-2012-5868	WordPress 3.4.2 does not invalidate a wordpress_sec session cookie upo ...	bookworm, bullseye, sid, trixie
	CVE-2013-7233	Cross-site request forgery (CSRF) vulnerability in the retrospam compo ...	bookworm, bullseye, sid, trixie
	CVE-2017-6514	WordPress 4.7.2 mishandles listings of post authors, which allows remo ...	bookworm, bullseye, sid, trixie
	CVE-2018-6389	In WordPress through 4.9.2, unauthenticated attackers can cause a deni ...	bookworm, bullseye, sid, trixie
	CVE-2018-14028	In WordPress 4.9.7, plugins uploaded via the admin area are not verifi ...	bookworm, bullseye, sid, trixie
wpa	CVE-2017-13084	Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Sta ...	bookworm, bullseye, sid, trixie
	CVE-2019-5062	An exploitable denial-of-service vulnerability exists in the 802.11w s ...	bookworm, bullseye, sid, trixie
	CVE-2021-30004	In wpa_supplicant and hostapd 2.9, forging attacks may occur because A ...	bookworm, bullseye, sid, trixie
wpewebkit	CVE-2023-32409	The issue was addressed with improved bounds checks. This issue is fix ...	bookworm, bullseye
x264	CVE-2025-25467	Insufficient tracking and releasing of allocated used memory in libx26 ...	bookworm, bullseye, sid, trixie
xbindkeys-config	CVE-2014-9513	Insecure use of temporary files in xbindkeys-config 0.1.3-2 allows rem ...	bookworm, bullseye
xdg-user-dirs	CVE-2017-15131	It was found that system umask policy is not being honored when creati ...	bookworm, bullseye, sid, trixie
xdg-utils	CVE-2025-52968	xdg-open in xdg-utils through 1.2.1 can send requests containing SameS ...	bookworm, bullseye, sid, trixie
xen	CVE-2014-9066	Xen 4.4.x and earlier, when using a large number of VCPUs, does not pr ...	bookworm, bullseye, sid, trixie
	CVE-2021-28689	x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests ...	bookworm, bullseye, sid, trixie
xerces-c	CVE-2012-0880	Apache Xerces-C++ allows remote attackers to cause a denial of service ...	bookworm, bullseye, sid, trixie
xfig	CVE-2009-4228	Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlie ...	bookworm, bullseye, sid, trixie
	CVE-2023-45920	Xfig v3.2.8 was discovered to contain a NULL pointer dereference when ...	bookworm, bullseye
xloadimage	CVE-2006-4484	Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in ...	bookworm, bullseye, sid, trixie
xorg-server	CVE-2022-3553	A vulnerability, which was classified as problematic, was found in X.o ...	bullseye
xpdf	CVE-2010-0206	xpdf allows remote attackers to cause a denial of service (NULL pointe ...	bookworm, bullseye, sid, trixie
	CVE-2010-0207	In xpdf, the xref table contains an infinite loop which allows remote ...	bookworm, bullseye, sid, trixie
	CVE-2013-4472	The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 a ...	bookworm, bullseye, sid, trixie
	CVE-2018-7173	A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an ...	bookworm, bullseye, sid, trixie
	CVE-2018-7174	An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref a ...	bookworm, bullseye, sid, trixie
	CVE-2018-7175	An issue was discovered in xpdf 4.00. A NULL pointer dereference in re ...	bookworm, bullseye, sid, trixie
	CVE-2018-7452	A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc i ...	bookworm, bullseye, sid, trixie
	CVE-2018-7453	Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 ...	bookworm, bullseye, sid, trixie
	CVE-2018-7454	A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpd ...	bookworm, bullseye, sid, trixie
	CVE-2018-7455	An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xp ...	bookworm, bullseye, sid, trixie
	CVE-2018-8100	The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allo ...	bookworm, bullseye, sid, trixie
	CVE-2018-8101	The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf ...	bookworm, bullseye, sid, trixie
	CVE-2018-8102	The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4 ...	bookworm, bullseye, sid, trixie
	CVE-2018-8103	The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf ...	bookworm, bullseye, sid, trixie
	CVE-2018-8104	The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows atta ...	bookworm, bullseye, sid, trixie
	CVE-2018-8105	The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allow ...	bookworm, bullseye, sid, trixie
	CVE-2018-8106	The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 ...	bookworm, bullseye, sid, trixie
	CVE-2018-8107	The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows atta ...	bookworm, bullseye, sid, trixie
	CVE-2018-11033	The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in ...	bookworm, bullseye, sid, trixie
	CVE-2018-16368	SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows ...	bookworm, bullseye, sid, trixie
	CVE-2018-16369	XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a ...	bookworm, bullseye, sid, trixie
	CVE-2018-18454	CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote atta ...	bookworm, bullseye, sid, trixie
	CVE-2018-18455	The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote a ...	bookworm, bullseye, sid, trixie
	CVE-2018-18456	The function Object::isName() in Object.h (called from Gfx::opSetFillC ...	bookworm, bullseye, sid, trixie
	CVE-2018-18457	The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remo ...	bookworm, bullseye, sid, trixie
	CVE-2018-18458	The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows r ...	bookworm, bullseye, sid, trixie
	CVE-2018-18459	The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remo ...	bookworm, bullseye, sid, trixie
xserver-xorg-video-nouveau	CVE-2018-3979	A remote denial-of-service vulnerability exists in the way the Nouveau ...	bookworm, bullseye, sid, trixie
xterm	CVE-2006-4447	X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtran ...	bookworm, bullseye, sid, trixie
	CVE-2023-40359	xterm before 380 supports ReGIS reporting for character-set names even ...	bookworm, bullseye
yabasic	CVE-2019-19720	Yabasic 2.86.1 has a heap-based buffer overflow in the yylex() functio ...	bookworm, bullseye, sid, trixie
	CVE-2019-19796	Yabasic 2.86.2 has a heap-based buffer overflow in myformat in functio ...	bookworm, bullseye, sid, trixie
yara	CVE-2019-19648	In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, ...	bookworm, bullseye, sid, trixie
yasm	CVE-2021-33454	An issue was discovered in yasm version 1.3.0. There is a NULL pointer ...	bookworm, bullseye, sid, trixie
	CVE-2021-33455	An issue was discovered in yasm version 1.3.0. There is a NULL pointer ...	bookworm, bullseye, sid, trixie
	CVE-2021-33456	An issue was discovered in yasm version 1.3.0. There is a NULL pointer ...	bookworm, bullseye, sid, trixie
	CVE-2021-33457	An issue was discovered in yasm version 1.3.0. There is a NULL pointer ...	bookworm, bullseye, sid, trixie
	CVE-2021-33458	An issue was discovered in yasm version 1.3.0. There is a NULL pointer ...	bookworm, bullseye, sid, trixie
	CVE-2021-33459	An issue was discovered in yasm version 1.3.0. There is a NULL pointer ...	bookworm, bullseye, sid, trixie
	CVE-2021-33460	An issue was discovered in yasm version 1.3.0. There is a NULL pointer ...	bookworm, bullseye, sid, trixie
	CVE-2021-33461	An issue was discovered in yasm version 1.3.0. There is a use-after-fr ...	bookworm, bullseye, sid, trixie
	CVE-2021-33462	An issue was discovered in yasm version 1.3.0. There is a use-after-fr ...	bookworm, bullseye, sid, trixie
	CVE-2021-33463	An issue was discovered in yasm version 1.3.0. There is a NULL pointer ...	bookworm, bullseye, sid, trixie
	CVE-2021-33465	An issue was discovered in yasm version 1.3.0. There is a NULL pointer ...	bookworm, bullseye, sid, trixie
	CVE-2021-33466	An issue was discovered in yasm version 1.3.0. There is a NULL pointer ...	bookworm, bullseye, sid, trixie
	CVE-2021-33467	An issue was discovered in yasm version 1.3.0. There is a use-after-fr ...	bookworm, bullseye, sid, trixie
	CVE-2021-33468	An issue was discovered in yasm version 1.3.0. There is a use-after-fr ...	bookworm, bullseye, sid, trixie
	CVE-2023-29580	yasm 1.3.0.55.g101bc was discovered to contain a segmentation violatio ...	bookworm, bullseye, sid, trixie
	CVE-2023-29581	yasm 1.3.0.55.g101bc has a segmentation violation in the function dele ...	bookworm, bullseye, sid, trixie
	CVE-2023-29582	yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via th ...	bookworm, bullseye, sid, trixie
	CVE-2023-29583	yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via th ...	bookworm, bullseye, sid, trixie
	CVE-2023-30402	YASM v1.3.0 was discovered to contain a heap overflow via the function ...	bookworm, bullseye, sid, trixie
	CVE-2023-31723	yasm 1.3.0.55.g101bc was discovered to contain a segmentation violatio ...	bookworm, bullseye, sid, trixie
	CVE-2023-31724	yasm 1.3.0.55.g101bc was discovered to contain a segmentation violatio ...	bookworm, bullseye, sid, trixie
	CVE-2023-31725	yasm 1.3.0.55.g101bc was discovered to contain a heap-use-after-free v ...	bookworm, bullseye, sid, trixie
	CVE-2023-31972	yasm v1.3.0 was discovered to contain a use after free via the functio ...	bookworm, bullseye, sid, trixie
	CVE-2023-31973	yasm v1.3.0 was discovered to contain a use after free via the functio ...	bookworm, bullseye, sid, trixie
	CVE-2023-31974	yasm v1.3.0 was discovered to contain a use after free via the functio ...	bookworm, bullseye, sid, trixie
	CVE-2023-31975	yasm v1.3.0 was discovered to contain a memory leak via the function y ...	bookworm, bullseye, sid, trixie
	CVE-2023-37732	Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm ...	bookworm, bullseye, sid, trixie
	CVE-2023-49554	Use After Free vulnerability in YASM 1.3.0.86.g9def allows a remote at ...	bookworm, bullseye, sid, trixie
	CVE-2023-49555	An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a de ...	bookworm, bullseye, sid, trixie
	CVE-2023-49556	Buffer Overflow vulnerability in YASM 1.3.0.86.g9def allows a remote a ...	bookworm, bullseye, sid, trixie
	CVE-2023-49557	An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a de ...	bookworm, bullseye, sid, trixie
	CVE-2023-49558	An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a de ...	bookworm, bullseye, sid, trixie
	CVE-2023-51258	A memory leak issue discovered in YASM v.1.3.0 allows a local attacker ...	bookworm, bullseye, sid, trixie
	CVE-2024-22653	yasm commit 9defefae was discovered to contain a NULL pointer derefere ...	bookworm, bullseye, sid, trixie
yaws	CVE-2009-4495	Yaws 1.85 writes data to a log file without sanitizing non-printable c ...	bookworm, bullseye, sid, trixie
youtube-dl	CVE-2024-38519	`yt-dlp` and `youtube-dl` are command-line audio/video downloaders. Pr ...	bookworm, bullseye, bookworm
zabbix	CVE-2023-29453	Templates do not properly consider backticks (`) as Javascript string ...	bookworm, bullseye
zangband	CVE-2021-40589	ZAngband zangband-data 2.7.5 is affected by an integer underflow vulne ...	bookworm, bullseye, sid, trixie
zip	CVE-2018-13410	Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, a ...	bookworm, bullseye
zoneminder	CVE-2019-7350	Session fixation exists in ZoneMinder through 1.32.3, as an attacker c ...	bookworm, bullseye, sid, trixie
	CVE-2019-7351	Log Injection exists in ZoneMinder through 1.32.3, as an attacker can ...	bookworm, bullseye, sid, trixie
	CVE-2019-8423	ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/view ...	bookworm, bullseye, sid, trixie
	CVE-2019-8425	includes/database.php in ZoneMinder before 1.32.3 has XSS in the const ...	bookworm, bullseye, sid, trixie
	CVE-2019-8427	daemonControl in includes/functions.php in ZoneMinder before 1.32.3 al ...	bookworm, bullseye, sid, trixie
	CVE-2019-8429	ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php fil ...	bookworm, bullseye, sid, trixie
	CVE-2022-1726	Bootstrap Tables XSS vulnerability with Table Export plug-in when expo ...	bookworm, bullseye, sid, trixie
	CVE-2022-29806	ZoneMinder before 1.36.13 allows remote code execution via an invalid ...	bullseye
	CVE-2022-30768	A Stored Cross Site Scripting (XSS) issue in ZoneMinder 1.36.12 allows ...	bookworm, bullseye, sid, trixie
	CVE-2022-30769	Session fixation exists in ZoneMinder through 1.36.12 as an attacker c ...	bookworm, bullseye, sid, trixie
	CVE-2022-39285	ZoneMinder is a free, open source Closed-circuit television software a ...	bullseye
	CVE-2022-39289	ZoneMinder is a free, open source Closed-circuit television software a ...	bullseye
	CVE-2022-39290	ZoneMinder is a free, open source Closed-circuit television software a ...	bullseye
	CVE-2022-39291	ZoneMinder is a free, open source Closed-circuit television software a ...	bullseye
	CVE-2023-25825	ZoneMinder is a free, open source Closed-circuit television software a ...	bullseye
	CVE-2023-26032	ZoneMinder is a free, open source Closed-circuit television software a ...	bullseye
	CVE-2023-26034	ZoneMinder is a free, open source Closed-circuit television software a ...	bullseye
	CVE-2023-26035	ZoneMinder is a free, open source Closed-circuit television software a ...	bullseye
	CVE-2023-26036	ZoneMinder is a free, open source Closed-circuit television software a ...	bullseye
	CVE-2023-26037	ZoneMinder is a free, open source Closed-circuit television software a ...	bullseye
	CVE-2023-26038	ZoneMinder is a free, open source Closed-circuit television software a ...	bullseye
	CVE-2023-26039	ZoneMinder is a free, open source Closed-circuit television software a ...	bullseye
	CVE-2023-31493	RCE (Remote Code Execution) exists in ZoneMinder through 1.36.33 as an ...	bookworm, bullseye, sid, trixie
	CVE-2023-41884	ZoneMinder is a free, open source Closed-circuit television software a ...	bookworm, bullseye
	CVE-2024-43358	ZoneMinder is a free, open source closed-circuit television software a ...	bookworm, bullseye
	CVE-2024-43359	ZoneMinder is a free, open source closed-circuit television software a ...	bookworm, bullseye
	CVE-2024-43360	ZoneMinder is a free, open source closed-circuit television software a ...	bookworm, bullseye
zoph	CVE-2014-9235	Multiple SQL injection vulnerabilities in Zoph (aka Zoph Organizes Pho ...	bookworm, bullseye, sid, trixie
	CVE-2014-9236	Cross-site scripting (XSS) vulnerability in php/edit_photos.php in Zop ...	bookworm, bullseye, sid, trixie
zziplib	CVE-2018-6542	In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trail ...	bookworm, bullseye, sid, trixie
	CVE-2018-7727	An issue was discovered in ZZIPlib 0.13.68. There is a memory leak tri ...	bookworm, bullseye, sid, trixie
zziplib	CVE-2018-17828	Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers ...	bookworm, bullseye, sid, trixie