Debian Security Vulnerabilities (CVEs)
Track 1,405 security vulnerabilities affecting Debian products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This CVE describes a double-free vulnerability in the Linux kernel's NVMe driver that occurs when discard requests are retried. If exploited, it could... (Jul 29, 2024)
This CVE describes a signed integer overflow vulnerability in the Linux kernel's block/ioctl.c file. The vulnerability occurs during overflow checking... (Jul 12, 2024)
This vulnerability in MIT Kerberos 5 allows attackers to trigger invalid memory reads by sending specially crafted GSS message tokens with invalid len... (Jun 28, 2024)
urllib3's CVE-2024-37891 allows the Proxy-Authorization header to leak during cross-origin redirects when configured incorrectly without using urllib3... (Jun 17, 2024)
This CVE describes a use-after-free vulnerability in the Linux kernel's networking subsystem where __dst_negative_advice() improperly handles RCU rule... (Jun 10, 2024)
This Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail allows attackers to inject malicious scripts via SVG animate attributes. When explo... (Jun 7, 2024)
This CVE describes integer overflow vulnerabilities in libvpx (VP8/VP9 video codec library) that can occur when processing large image dimensions or a... (Jun 3, 2024)
This CVE describes an out-of-bounds read vulnerability in the Linux kernel's VMware graphics driver (vmwgfx). The flaw occurs when the kernel incorrec... (Jun 3, 2024)
A NULL pointer dereference vulnerability in the Linux kernel's KVM (Kernel-based Virtual Machine) subsystem for ARM64 architecture. When handling GICv... (May 30, 2024)
This CVE describes an off-by-one read vulnerability in the Linux kernel's octeontx2-af driver. An attacker with local access could exploit this to rea... (May 30, 2024)
This CVE describes a double-free vulnerability in the Linux kernel's pinctrl subsystem. The pinctrl_enable() function incorrectly frees a devm-managed... (May 30, 2024)
A vulnerability in the Linux kernel's NSH (Network Service Header) GSO segmentation handler could cause kernel memory corruption when processing speci... (May 30, 2024)
CVE-2024-36934 is a Linux kernel vulnerability in the bna driver where improper memory handling allows out-of-bounds read. Attackers could exploi... (May 30, 2024)
CVE-2024-36916 is a Linux kernel vulnerability in the blk-iocost subsystem where an out-of-bounds shift operation can cause undefined behavior. I... (May 30, 2024)
A race condition vulnerability in the Linux kernel's TCP implementation allows a use-after-free condition when reusing TIME-WAIT sockets. This can lea... (May 30, 2024)
This CVE describes a use-after-free vulnerability in the Linux kernel's TIPC (Transparent Inter-Process Communication) protocol implementation. When e... (May 30, 2024)
This is a Linux kernel race condition vulnerability in network subsystem initialization that allows out-of-bounds memory access. It affects Linux syst... (May 30, 2024)
This CVE describes an out-of-bounds write vulnerability in the AMD GPU driver (amdgpu) debugfs interface in the Linux kernel. Attackers with local acc... (May 22, 2024)
This CVE describes an array index out-of-bounds vulnerability in the AMD GPU driver within the Linux kernel. When running in SR-IOV (Single Root I/O V... (May 21, 2024)
This CVE describes a potential deadlock vulnerability in the Linux kernel's SMB client implementation. When releasing message IDs (mids) during SMB op... (May 21, 2024)
A use-after-free vulnerability in the Linux kernel's mlx5e network driver allows attackers to cause kernel crashes or potentially execute arbitrary co... (May 21, 2024)
This CVE addresses a kernel panic vulnerability in the Linux kernel's netfilter subsystem when handling network device removal events. The issue occur... (May 20, 2024)
This vulnerability in the Linux kernel's mlxsw driver causes a kernel warning during Access Control List (ACL) rehashing operations. It affects system... (May 20, 2024)
A vulnerability in the Linux kernel's GENEVE (Generic Network Virtualization Encapsulation) implementation allows uninitialized memory access when pro... (May 20, 2024)
A NULL pointer dereference vulnerability in the Linux kernel's mlx5 network driver allows local attackers to cause a kernel crash (denial of service) ... (May 20, 2024)
This CVE addresses a missing input validation vulnerability in the Linux kernel's netfilter subsystem. Attackers could exploit this to cause kernel me... (May 20, 2024)
CVE-2024-35967 is a Linux kernel Bluetooth SCO socket vulnerability where the kernel fails to validate user input length in setsockopt calls, all... (May 20, 2024)
A race condition in the Linux kernel's IPv6 implementation allows a use-after-free vulnerability when ipv6_get_ifaddr and ipv6_del_addr execute concur... (May 20, 2024)
This CVE addresses a race condition in the Linux kernel's Direct Rendering Manager (DRM) client subsystem where the modes[] array lacks proper mutex p... (May 20, 2024)
A use-after-free vulnerability in the Linux kernel's kprobes subsystem allows attackers to potentially execute arbitrary code with kernel privileges. ... (May 20, 2024)
This CVE describes a memory corruption vulnerability in the Linux kernel's VMCI driver where a memcpy() operation can write beyond the bounds of a str... (May 19, 2024)
This CVE describes a Linux kernel vulnerability in the SMC (Shared Memory Communications) subsystem where excessive rtnl (routing netlink) lock acquis... (May 19, 2024)
This CVE addresses a Linux kernel Btrfs filesystem corruption vulnerability where an unhandled error in chunk tree lookup could cause system instabili... (May 19, 2024)
This CVE addresses a NULL pointer dereference vulnerability in the Linux kernel's RDS (Reliable Datagram Sockets) subsystem. When cp (connection point... (May 19, 2024)
This CVE addresses an integer overflow vulnerability in the Linux kernel's BPF verifier that could allow out-of-bounds memory access. Attackers could ... (May 19, 2024)
A vulnerability in the Linux kernel's NFC (Near Field Communication) subsystem allows reading uninitialized memory when processing packets with zero-l... (May 19, 2024)
This CVE describes a kernel memory corruption vulnerability in the Linux netfilter subsystem where setsockopt() fails to validate user input length be... (May 19, 2024)
This CVE describes a race condition vulnerability in the Linux kernel's netfilter subsystem, specifically in the nf_tables component. It allows concur... (May 19, 2024)
A race condition vulnerability in the Linux kernel's netfilter nf_tables subsystem allows inconsistent state when adding new basechains after toggling... (May 19, 2024)
This CVE describes a memory leak vulnerability in the Linux kernel's device tree (OF) subsystem during overlay removal operations. It affects systems ... (May 19, 2024)
A Linux kernel vulnerability in UDP packet handling can cause kernel crashes or packet corruption when UDP Generic Segmentation Offload (GSO) packets ... (May 19, 2024)
A stack overflow vulnerability in the Linux kernel's IPv6 routing table dump functionality allows local attackers to trigger infinite recursion during... (May 19, 2024)
A Linux kernel vulnerability in ERSPAN (Encapsulated Remote SPAN) packet processing allows attackers to trigger kernel memory corruption by sending sp... (May 19, 2024)
This CVE describes a use-after-free vulnerability in the Linux kernel's SMB client implementation. Attackers could potentially exploit this to crash t... (May 19, 2024)
The CVE-2024-35871 vulnerability in the Linux kernel's RISC-V architecture allows kernel pointer leakage to user space. It affects systems running Li... (May 19, 2024)
A memory management vulnerability in the Linux kernel's x86 Page Attribute Table (PAT) handling for Copy-On-Write (COW) mappings. This can cause kerne... (May 19, 2024)
This CVE describes a memory leak vulnerability in the Linux kernel's mlxsw driver for Mellanox Spectrum switches. When ACL TCAM region rehashing fails... (May 17, 2024)
A use-after-free vulnerability in the Linux kernel's mlxsw driver allows attackers to potentially execute arbitrary code or crash the system. This aff... (May 17, 2024)
CVE-2024-35845 is a buffer overflow vulnerability in the Linux kernel's iwlwifi driver where debug information strings lack proper null terminati... (May 17, 2024)
A double-free vulnerability in the Linux kernel's GIC-V3 interrupt controller allows local attackers to potentially crash the system or execute arbitr... (May 17, 2024)
Why Monitor Debian Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 1,405+ known vulnerabilities affecting Debian products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Debian packages in under 60 seconds. No agents required - completely agentless scanning that works across Debian deployments.
Free vulnerability database: Access detailed information about every Debian CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Debian CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions