Debian Security Vulnerabilities (CVEs)
Track 1,410 security vulnerabilities affecting Debian products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability is a heap buffer overflow in WebRTC within Google Chrome that allows remote attackers to potentially exploit heap corruption via a ...
Dec 21, 2023CVE-2023-6873 is a memory corruption vulnerability in Firefox that could allow an attacker to execute arbitrary code on a victim's system. It affects ...
Dec 19, 2023This CVE-2023-6932 is a use-after-free vulnerability in the Linux kernel's IGMP (Internet Group Management Protocol) component that allows local attac...
Dec 19, 2023This CVE describes a heap buffer overflow vulnerability in Firefox's WebGL DrawElementsInstanced method when used with Mesa VM driver. An attacker cou...
Dec 19, 2023CVE-2023-6858 is a heap buffer overflow vulnerability in Firefox's nsTextFragment component caused by insufficient out-of-memory handling. Attackers c...
Dec 19, 2023This vulnerability allows remote attackers to execute arbitrary code via a heap buffer overflow in Firefox's nsWindow::PickerOpen method when running ...
Dec 19, 2023This vulnerability in Firefox, Firefox ESR, and Thunderbird involves undefined behavior in the ShutdownObserver() function due to missing virtual dest...
Dec 19, 2023This vulnerability in xorg-server allows out-of-bounds memory reads and writes when querying or changing XKB button actions, such as switching from to...
Dec 13, 2023This vulnerability in LibreOffice allows attackers to execute built-in macros without user warnings by exploiting insufficient permission validation i...
Dec 11, 2023This is a use-after-free vulnerability in Google Chrome's Media Stream component that allows remote attackers to potentially exploit heap corruption v...
Dec 6, 2023This is a use-after-free vulnerability in Google Chrome's Media Capture component that could allow heap corruption. Attackers can exploit it by tricki...
Dec 6, 2023This vulnerability in Sierra Wireless ALEOS ACEManager allows unauthenticated attackers to cause a temporary denial of service by sending malformed au...
Dec 4, 2023This is a memory corruption vulnerability in Apple's WebKit browser engine that allows arbitrary code execution when processing malicious web content....
Nov 30, 2023This CVE describes an integer overflow vulnerability in Skia (Chrome's graphics engine) that allows an attacker who has already compromised Chrome's r...
Nov 29, 2023This is a use-after-free vulnerability in Chrome's Mojo IPC system that allows remote attackers to potentially exploit heap corruption. Attackers can ...
Nov 29, 2023This is a use-after-free vulnerability in Chrome's libavif library that allows remote attackers to potentially exploit heap corruption via crafted AVI...
Nov 29, 2023This CVE describes memory safety bugs in Firefox, Firefox ESR, and Thunderbird that could lead to memory corruption. With sufficient effort, attackers...
Nov 21, 2023This vulnerability is a use-after-free memory corruption flaw in Firefox, Firefox ESR, and Thunderbird's ReadableByteStreams implementation. It allows...
Nov 21, 2023This is a use-after-free vulnerability in Google Chrome's garbage collection that allows remote attackers to potentially exploit heap corruption. Atta...
Nov 15, 2023CVE-2023-23583 is a hardware vulnerability in certain Intel processors where specific instruction sequences can cause unexpected behavior, potentially...
Nov 14, 2023CVE-2023-46850 is a use-after-free vulnerability in OpenVPN that can lead to memory corruption, information disclosure, or remote code execution when ...
Nov 11, 2023This is a use-after-free vulnerability in Chrome's WebAudio component that allows remote attackers to potentially exploit heap corruption. Attackers c...
Nov 8, 2023This CVE describes an integer overflow vulnerability in Chrome's USB component that could allow heap corruption. Attackers could exploit this via a ma...
Nov 1, 2023This is a use-after-free vulnerability in Google Chrome's printing component that allows heap corruption when users perform specific UI gestures. Atta...
Nov 1, 2023This is a use-after-free vulnerability in Google Chrome's Profiles feature that could allow heap corruption. Attackers can exploit it by tricking user...
Nov 1, 2023This is a use-after-free vulnerability in Google Chrome's Side Panel feature that could allow remote attackers to exploit heap corruption. Attackers c...
Nov 1, 2023This vulnerability allows remote attackers to perform out-of-bounds memory access in Google Chrome's USB component via a crafted HTML page. Attackers ...
Nov 1, 2023CVE-2023-46604 is a critical remote code execution vulnerability in Apache ActiveMQ's Java OpenWire protocol marshaller. It allows remote attackers wi...
Oct 27, 2023CVE-2023-34059 is a file descriptor hijack vulnerability in open-vm-tools' vmware-user-suid-wrapper that allows non-root users to hijack the /dev/uinp...
Oct 27, 2023This CVE-2023-5367 is an out-of-bounds write vulnerability in xorg-x11-server that allows attackers to write beyond allocated heap buffers. It could l...
Oct 25, 2023This is a logic vulnerability in Apple's WebKit browser engine that allows arbitrary code execution when processing malicious web content. Attackers c...
Oct 25, 2023This vulnerability in Mozilla graphics drivers allows attackers to cause denial of service through large draw calls. It affects Firefox versions befor...
Oct 25, 2023A use-after-free vulnerability in Firefox, Firefox ESR, and Thunderbird garbage collection could allow attackers to cause a crash or potentially execu...
Oct 25, 2023This CVE describes memory safety bugs in Firefox, Firefox ESR, and Thunderbird that could lead to memory corruption. With sufficient effort, attackers...
Oct 25, 2023This is a use-after-free vulnerability in Google Chrome's Profiles component that allows remote attackers to potentially exploit heap corruption. Atta...
Oct 25, 2023An out-of-bounds read vulnerability in the mod_macro module of Apache HTTP Server allows attackers to read memory beyond allocated buffers. This affec...
Oct 23, 2023A buffer overflow vulnerability exists in the Intel IGB Ethernet driver in Linux kernels before 6.5.3. When processing frames larger than the configur...
Oct 15, 2023This vulnerability in Babel's @babel/traverse allows arbitrary code execution during JavaScript compilation when processing maliciously crafted code. ...
Oct 12, 2023This critical vulnerability in Google Chrome's Site Isolation feature allows remote attackers to trigger use-after-free conditions via crafted HTML pa...
Oct 11, 2023A heap buffer overflow vulnerability in Chrome's PDF renderer allows remote attackers to potentially exploit heap corruption via a crafted PDF file. U...
Oct 11, 2023This is a use-after-free vulnerability in Chrome's Blink History component that allows remote attackers to potentially exploit heap corruption via a c...
Oct 11, 2023This CVE describes an authorization bypass vulnerability in Apache ZooKeeper when SASL Quorum Peer authentication is enabled. An attacker can join the...
Oct 11, 2023This CVE describes an integer overflow vulnerability in Eclipse Jetty's HTTP/2 HPACK header processing. Attackers can send specially crafted HTTP/2 re...
Oct 10, 2023CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server res...
Oct 10, 2023CVE-2023-43641 is a critical out-of-bounds array access vulnerability in libcue that allows remote code execution. Attackers can exploit this by trick...
Oct 9, 2023This vulnerability in MediaWiki's ApiPageSet.php allows attackers to trigger an infinite loop when querying pages with specific redirect and title con...
Oct 9, 2023A use-after-free vulnerability in WebKitGTK's MediaRecorder API allows memory corruption when processing malicious web content. This could lead to arb...
Oct 6, 2023CVE-2023-4911 is a buffer overflow vulnerability in the GNU C Library's dynamic loader (ld.so) that allows local attackers to exploit SUID binaries. B...
Oct 3, 2023This is a use-after-free vulnerability in Chrome's extension system that allows heap corruption. Attackers can exploit it by tricking users into insta...
Sep 28, 2023This CVE describes a use-after-free vulnerability in the Linux kernel's netfilter nf_tables component. It allows local attackers to escalate privilege...
Sep 27, 2023Why Monitor Debian Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 1,410+ known vulnerabilities affecting Debian products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Debian packages in under 60 seconds. No agents required - completely agentless scanning that works across Debian deployments.
Free vulnerability database: Access detailed information about every Debian CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Debian CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
