debian

10,127 tracked vulnerabilities.

CVE-2026-31431 HIGH KEV
crypto: algif_aead - Revert to operating out-of-place
Apr 22, 2026
CVSS 7.8
EPSS 0.03
CVE-2026-34757 MEDIUM
LIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure
Apr 09, 2026
CVSS 5.1
EPSS 0.00
CVE-2026-4775 HIGH
Libtiff: libtiff: arbitrary code execution or denial of service via signed integer overflow in tiff file processing
Mar 24, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-1940 MEDIUM
Gstreamer: incomplete fix of cve-2026-1940
Mar 23, 2026
CVSS 5.1
EPSS 0.00
CVE-2026-2219 HIGH
dpkg 1.21.18-1.23.6 - Denial of Service via Zstd Decompression Infinite Loop
Mar 07, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-25506 HIGH
munge 0.5-0.5.17 - Buffer Overflow via Oversized Address Length Field
Feb 10, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-25061 HIGH
tcpflow <= 1.61 - Out-of-bounds Write in 802.11 Management Frame TIM Element Parsing
Jan 29, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-24765 HIGH
PHPUnit < 8.5.52 - Remote Code Execution via Unsafe Deserialization in PHPT Coverage Cleanup
Jan 27, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-24061 CRITICAL KEVNUCLEI
GNU Inetutils Telnet Authentication Bypass Exploit CVE-2026-24061
Jan 21, 2026
CVSS 9.8
EPSS 0.91
CVE-2026-23490 HIGH
pyasn1 < 0.6.2 - Denial of Service via Malformed RELATIVE-OID
Jan 16, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-63261 HIGH
AWStats 8.0 - OS Command Injection via Open Function
Mar 20, 2026
CVSS 7.8
EPSS 0.00
CVE-2025-64098 MEDIUM
Fast DDS < 2.6.11 - Denial of Service via Tampered DATA Submessage in SPDP Packet
Feb 03, 2026
CVSS 5.9
EPSS 0.00
CVE-2025-62799 CRITICAL
Fast DDS <3.4.1-2.6.11 - Buffer Overflow
Feb 03, 2026
CVSS 9.8
EPSS 0.00
CVE-2025-62603 HIGH
Fast DDS < 2.6.11 - Out-of-bounds Read in ParticipantGenericMessage CDR Parser
Feb 03, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-62602 HIGH
Fast DDS <3.4.1, <3.3.1, <2.6.11 - Buffer Overflow
Feb 03, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-62600 HIGH
eProsima Fast DDS <2.6.11, 2.7.0-2.14.5, 3.0.0-3.2.3, 3.3.0, 3.4.0-3.4.1 - Remote DoS via SPDP Packet Tampering
Feb 03, 2026
CVSS 8.6
EPSS 0.00
CVE-2025-62599 HIGH
eProsima Fast DDS < 2.6.11, 2.7.0-2.14.5, 3.0.0-3.2.3, 3.3.0, 3.4.0 - Remote DoS via SPDP Packet Tampering
Feb 03, 2026
CVSS 8.6
EPSS 0.00
CVE-2025-68670 CRITICAL
xrdp < 0.10.5 - Unauthenticated Stack-based Buffer Overflow via User Domain Processing
Jan 27, 2026
CVSS 9.1
EPSS 0.00
CVE-2025-68615 CRITICAL
net-snmp <5.9.5-5.10.pre2 - Buffer Overflow
Dec 23, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-68462 LOW
Freedombox <25.17.1 - Info Disclosure
Dec 18, 2025
CVSS 3.2
EPSS 0.00
CVE-2025-6966 MEDIUM
python-apt - Denial of Service via Malformed Non-UTF-8 Key in TagSection.keys()
Dec 05, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-63498 MEDIUM
alinto SOGo 5.12.3 - Cross-Site Scripting via userName Parameter
Nov 24, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-64512 HIGH
pdfminer.six < 20251107 - Remote Code Execution via Malicious Pickle File Deserialization
Nov 10, 2025
CVSS 8.6
EPSS 0.00
CVE-2025-10934 HIGH
GIMP - Heap-based Buffer Overflow in XWD File Parser
Oct 29, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-10922 HIGH
GIMP - Heap-based Buffer Overflow in DCM File Parser
Oct 29, 2025
CVSS 7.8
EPSS 0.00
Products
debian_linux 9,979 advanced_package_tool 21 dpkg 14 shadow 8 lintian 6 apt 5 devscripts 3 horde 3 reportbug 3 apt-cacher 2 aptlinex 2 cifs-utils 2 dpkg-dev 2 fsp 2 horde_groupware 2 mime-support 2 netkit 2 python-apt 2 python-dns 2 qpopper 2 xsabre 2 yubiserver 2 FreedomBox 1 adequate 1 amaya 1 apache 1 apache2 1 apt-listchanges 1 apt-setup 1 axiom 1
Quick Filters
Critical CVEs With Exploits In CISA KEV