Debian Security Vulnerabilities (CVEs)

Track 1,405 security vulnerabilities affecting Debian products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

182 Critical
923 High
300 Medium
CVE-2024-26997 5.5

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's DWC2 USB host controller driver. An attacker could potentially cause...

May 1, 2024
CVE-2024-26999 5.5

A race condition in the Linux kernel's pmac_zilog serial driver can cause a kernel panic or system crash when used as a serial console. This affects L...

May 1, 2024
CVE-2024-26988 7.8

A memory overflow vulnerability in the Linux kernel's initialization code could allow attackers to corrupt kernel memory by providing specially crafte...

May 1, 2024
CVE-2024-26981 7.8

This CVE describes an out-of-bounds (OOB) read vulnerability in the Linux kernel's nilfs2 filesystem driver. When a specially crafted filesystem is mo...

May 1, 2024
CVE-2024-26974 7.0

This CVE describes a use-after-free vulnerability in the Linux kernel's Intel QAT crypto driver during PCI AER error recovery. A race condition occurs...

May 1, 2024
CVE-2024-26976 7.0

This vulnerability in the Linux kernel's KVM subsystem could allow an attacker to cause a denial-of-service (DoS) condition or potentially execute arb...

May 1, 2024
CVE-2024-26969 5.5

CVE-2024-26969 is a buffer overflow vulnerability in the Linux kernel's Qualcomm GCC IPQ8074 clock driver. Missing termination in frequency table...

May 1, 2024
CVE-2024-26973 5.5

This vulnerability in the Linux kernel's FAT filesystem driver leaks uninitialized memory when generating file handles without parent directories. It ...

May 1, 2024
CVE-2022-48655 7.8

This CVE describes an out-of-bounds memory access vulnerability in the Linux kernel's SCMI (System Control and Management Interface) reset domains sub...

Apr 28, 2024
CVE-2024-28130 7.5

This vulnerability allows arbitrary code execution through incorrect type conversion when processing specially crafted DICOM files in OFFIS DCMTK. Att...

Apr 23, 2024
CVE-2024-26895 7.8

This is a use-after-free vulnerability in the Linux kernel's wilc1000 WiFi driver that occurs during network interface cleanup. When removing WiFi int...

Apr 17, 2024
CVE-2024-26872 7.0

A use-after-free vulnerability in the Linux kernel's RDMA/srpt subsystem allows attackers to potentially crash the kernel or execute arbitrary code. T...

Apr 17, 2024
CVE-2024-26852 7.8

This is a use-after-free vulnerability in the Linux kernel's IPv6 routing subsystem, specifically in the ip6_route_mpath_notify() function. Attackers ...

Apr 17, 2024
CVE-2024-32487 8.6

CVE-2024-32487 is a command injection vulnerability in the 'less' pager utility that allows attackers to execute arbitrary OS commands via specially c...

Apr 13, 2024
CVE-2023-38709 7.3

CVE-2023-38709 is an input validation vulnerability in Apache HTTP Server that allows malicious backend applications or content generators to split HT...

Apr 4, 2024
CVE-2024-26763 7.1

A race condition vulnerability in the Linux kernel's dm-crypt subsystem when using authenticated encryption (AEAD) allows data corruption. Attackers w...

Apr 3, 2024
CVE-2024-26736 7.8

This CVE describes a buffer overflow vulnerability in the Linux kernel's AFS (Andrew File System) implementation. An attacker could exploit this to ca...

Apr 3, 2024
CVE-2024-26739 7.8

This CVE describes a use-after-free vulnerability in the Linux kernel's net/sched: act_mirred component. When redirecting network packets, improper ha...

Apr 3, 2024
CVE-2024-26753 7.8

This CVE describes a stack overflow vulnerability in the Linux kernel's virtio crypto asymmetric cipher (akcipher) driver. A memory copy operation cop...

Apr 3, 2024
CVE-2024-26704 7.8

A double-free vulnerability in the Linux kernel's ext4 filesystem can lead to kernel panic and system crashes. This occurs when moving extents with ov...

Apr 3, 2024
CVE-2024-26689 7.8

A use-after-free vulnerability in the Linux kernel's Ceph filesystem driver allows attackers to potentially crash the kernel or execute arbitrary code...

Apr 3, 2024
CVE-2023-52637 7.8

This is a use-after-free vulnerability in the Linux kernel's CAN J1939 subsystem that allows local attackers to potentially crash the kernel or execut...

Apr 3, 2024
CVE-2024-26664 7.1

CVE-2024-26664 is an out-of-bounds memory access vulnerability in the Linux kernel's coretemp hardware monitoring driver. It allows attackers wit...

Apr 2, 2024
CVE-2024-30205 7.1

This vulnerability in Emacs Org mode allows remote file contents to be executed as trusted code when opened in Org mode. It affects Emacs versions bef...

Mar 25, 2024
CVE-2024-2614 8.8

This CVE describes memory safety bugs in Firefox, Firefox ESR, and Thunderbird that could lead to memory corruption. With sufficient effort, attackers...

Mar 19, 2024
CVE-2024-2607 8.1

This vulnerability allows attackers to execute arbitrary code on affected systems by overwriting return registers. It specifically impacts Armv7-A sys...

Mar 19, 2024
CVE-2023-52612 7.8

This CVE describes a buffer overflow vulnerability in the Linux kernel's crypto scomp subsystem. Attackers could exploit this to write beyond allocate...

Mar 18, 2024
CVE-2024-24549 7.5

This vulnerability in Apache Tomcat allows denial-of-service attacks via HTTP/2 requests. Attackers can send specially crafted HTTP/2 requests that ex...

Mar 13, 2024
CVE-2024-26625 7.8

This is a use-after-free vulnerability in the Linux kernel's LLC (Logical Link Control) subsystem. When a closed LLC socket is improperly handled, it ...

Mar 6, 2024
CVE-2023-52602 7.8

This CVE describes a slab-out-of-bounds read vulnerability in the JFS filesystem implementation within the Linux kernel. An attacker could exploit thi...

Mar 6, 2024
CVE-2024-1936 7.5

This vulnerability in Thunderbird allows encrypted email subjects to be incorrectly assigned to other cached emails. When replying to contaminated ema...

Mar 4, 2024
CVE-2024-27354 7.5

This vulnerability in phpseclib allows attackers to cause denial of service by providing a malformed certificate with an extremely large prime number,...

Mar 1, 2024
CVE-2023-52482 7.8

This CVE addresses a speculative return stack overflow (SRSO) vulnerability in the Linux kernel affecting Hygon processors. It allows attackers to pot...

Feb 29, 2024
CVE-2023-52434 8.0

CVE-2023-52434 is an out-of-bounds read vulnerability in the Linux kernel's SMB client implementation. It allows attackers to trigger kernel cras...

Feb 20, 2024
CVE-2024-1546 7.5

This vulnerability allows attackers to read memory outside the intended buffer boundaries when Firefox, Firefox ESR, or Thunderbird processes network ...

Feb 20, 2024
CVE-2024-1552 7.5

This vulnerability involves incorrect code generation in Mozilla products that could cause unexpected numeric conversions and undefined behavior on 32...

Feb 20, 2024
CVE-2024-26581 7.8

A race condition vulnerability in the Linux kernel's netfilter nft_set_rbtree garbage collection could cause kernel memory corruption. This affects Li...

Feb 20, 2024
CVE-2024-24814 7.5

CVE-2024-24814 is a denial-of-service vulnerability in mod_auth_openidc where attackers can send specially crafted cookies with large integer values t...

Feb 13, 2024
CVE-2024-25714 9.8

CVE-2024-25714 is a critical timing side-channel vulnerability in Rhonabwy's HMAC signature verification that allows attackers to potentially forge va...

Feb 11, 2024
CVE-2023-46838 7.5

This vulnerability in Xen's virtual network protocol allows a NULL pointer dereference in Linux kernel networking code when processing specially craft...

Jan 29, 2024
CVE-2024-0808 9.8

This vulnerability is an integer underflow in Chrome's WebUI that allows remote attackers to trigger heap corruption via malicious files. It affects G...

Jan 24, 2024
CVE-2024-0750 8.8

A timing vulnerability in Firefox, Firefox ESR, and Thunderbird allows attackers to manipulate popup notification delays, tricking users into granting...

Jan 23, 2024
CVE-2024-0755 8.8

This CVE describes memory safety bugs in Firefox, Firefox ESR, and Thunderbird that could lead to memory corruption. With sufficient effort, attackers...

Jan 23, 2024
CVE-2023-6816 9.8

This vulnerability in X.Org server allows heap overflow when button mapping exceeds allocated memory space. Attackers could exploit this to execute ar...

Jan 18, 2024
CVE-2024-20952 7.4

This Java security vulnerability allows attackers to bypass sandbox protections in client-side Java deployments. It affects Java SE, GraalVM for JDK, ...

Jan 16, 2024
CVE-2024-0567 7.5

A vulnerability in GnuTLS causes Cockpit to reject certificate chains with distributed trust when using cockpit-certificate-ensure, allowing unauthent...

Jan 16, 2024
CVE-2023-6040 7.8

This vulnerability allows attackers to achieve out-of-bounds memory access by creating netfilter tables with invalid protocol family values. It affect...

Jan 12, 2024
CVE-2023-51781 7.0

This CVE describes a use-after-free vulnerability in the Linux kernel's AppleTalk protocol implementation. Attackers can exploit a race condition in a...

Jan 11, 2024
CVE-2023-7101 7.8

CVE-2023-7101 is an arbitrary code execution vulnerability in Spreadsheet::ParseExcel Perl module version 0.65. Attackers can execute arbitrary Perl c...

Dec 24, 2023
CVE-2023-51714 9.8

This vulnerability is an integer overflow in the HPack table implementation of Qt's HTTP/2 component. It allows remote attackers to cause a denial of ...

Dec 24, 2023

Why Monitor Debian Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 1,405+ known vulnerabilities affecting Debian products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Debian packages in under 60 seconds. No agents required - completely agentless scanning that works across Debian deployments.

Free vulnerability database: Access detailed information about every Debian CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register a free account & add your servers
  • Run a one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new Debian CVEs affect your systems
  • Access the dashboard with severity breakdown & fix instructions