Debian Security Vulnerabilities (CVEs)
Track 1,860 security vulnerabilities affecting Debian products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
- This CVE describes a use-after-free vulnerability in WebKitGTK's ImageLoader that can be exploited via malicious web pages. Attackers could potentiall... (Jul 7, 2021)
- This vulnerability in the Linux kernel allows loading of unsigned kernel modules even when module signature enforcement is requested via the module.si... (Jul 7, 2021)
- CVE-2021-32566 is an improper input validation vulnerability in Apache Traffic Server's HTTP/2 implementation that allows attackers to cause a denial-... (Jun 30, 2021)
- A stack-based buffer overflow vulnerability in Apache Traffic Server's cachekey plugin allows remote attackers to execute arbitrary code or cause deni... (Jun 30, 2021)
- Apache Traffic Server incorrectly handles URL fragments, allowing attackers to poison the cache by manipulating fragment identifiers. This affects Apa... (Jun 29, 2021)
- CVE-2020-13950 is a NULL pointer dereference vulnerability in Apache HTTP Server's mod_proxy_http module that allows remote attackers to cause a denia... (Jun 10, 2021)
- CVE-2021-26690 is a NULL pointer dereference vulnerability in Apache HTTP Server's mod_session module that can be triggered by a specially crafted Coo... (Jun 10, 2021)
- CVE-2021-26691 is a critical heap overflow vulnerability in Apache HTTP Server that allows remote attackers to execute arbitrary code or cause denial ... (Jun 10, 2021)
- This vulnerability in Intel VT-d (Virtualization Technology for Directed I/O) allows an authenticated attacker with local access to potentially escala... (Jun 9, 2021)
- CVE-2021-33833 is a critical stack-based buffer overflow vulnerability in ConnMan's DNS proxy component. Attackers can exploit this by sending special... (Jun 9, 2021)
- This vulnerability in Libgcrypt allows side-channel attacks against ElGamal encryption due to missing exponent blinding and inappropriate window size ... (Jun 8, 2021)
- This vulnerability is a buffer overflow in NGINX's autoindex module when processing file modification dates with years exceeding four digits. It affec... (Jun 6, 2021)
- CVE-2021-28091 is a signature verification bypass vulnerability in Lasso, an open-source library for SAML authentication. Attackers can forge SAML ass... (Jun 4, 2021)
- This vulnerability in xdg-open allows remote attackers to execute arbitrary commands by tricking users into opening a malicious file. It affects Debia... (Jun 2, 2021)
- This vulnerability allows a privileged guest user in QEMU virtual machines to trigger an out-of-bounds write in the virtio vhost-user GPU device. It c... (Jun 2, 2021)
- This vulnerability in lrzsz (a file transfer tool) allows information leakage to the receiving side due to an integer overflow in the zsdata function.... (Jun 2, 2021)
- This is a heap-based buffer overflow vulnerability in FFmpeg's filter_intra function that could allow attackers to execute arbitrary code or cause den... (Jun 1, 2021)
- CVE-2021-3516 is a use-after-free vulnerability in libxml2's xmllint tool that allows attackers to execute arbitrary code or cause denial of service b... (Jun 1, 2021)
- This vulnerability in the trim-newlines Node.js package allows attackers to cause a denial-of-service (DoS) condition through a regular expression den... (May 28, 2021)
- CVE-2020-25710 is an assertion failure vulnerability in OpenLDAP's csnNormalize23() function that allows remote attackers to crash the LDAP service by... (May 28, 2021)
- This vulnerability allows remote attackers to execute arbitrary commands on MariaDB Galera cluster nodes through command injection in the wsrep_sst_me... (May 27, 2021)
- This heap-based buffer overflow vulnerability in FFmpeg's drawutils.c allows attackers to corrupt memory by sending specially crafted media files. It ... (May 27, 2021)
- A heap-based buffer overflow vulnerability in FFmpeg's bitplanenoise filter allows attackers to cause memory corruption by processing specially crafte... (May 27, 2021)
- A heap-based buffer overflow vulnerability in FFmpeg's neighbor filter allows attackers to execute arbitrary code or cause denial of service by proces... (May 27, 2021)
- A heap-based buffer overflow vulnerability in FFmpeg's floodfill filter allows attackers to execute arbitrary code or cause denial of service by proce... (May 27, 2021)
- This is a heap-based buffer overflow vulnerability in FFmpeg's colorconstancy filter that allows attackers to cause memory corruption by processing sp... (May 27, 2021)
- A heap-based buffer overflow vulnerability in FFmpeg's w3fdif video filter allows attackers to cause memory corruption by processing specially crafted... (May 27, 2021)
- This vulnerability in Ruby on Rails Action Pack allows attackers to perform information disclosure or unintended method execution when using redirect_... (May 27, 2021)
- CVE-2021-3561 is an out-of-bounds memory access vulnerability in fig2dev's read_objects() function that allows attackers to crash the application or p... (May 26, 2021)
- A memory corruption vulnerability in ISC DHCP allows attackers to cause denial of service by crashing dhclient or dhcpd processes when they parse mali... (May 26, 2021)
- This buffer overflow vulnerability in FFmpeg's MOV file handling allows attackers to execute arbitrary code, cause denial of service, or leak sensitiv... (May 26, 2021)
- This vulnerability in HyperKitty exposes private mailing list archives to public access during import operations. When migrating from Mailman 2 to Mai... (May 26, 2021)
- This CVE describes a use-after-free vulnerability in the Linux kernel's Sun keyboard driver (sunkbd). An attacker with local access can potentially ex... (May 26, 2021)
- This CVE describes a use-after-free vulnerability in the Linux kernel's NFC LLCP (Logical Link Control Protocol) implementation. An attacker could exp... (May 26, 2021)
- This CVE-2021-22543 vulnerability in Linux KVM allows attackers with VM control privileges to bypass read-only memory checks, potentially leading to m... (May 26, 2021)
- This CVE describes a use-after-free vulnerability in the GNU C Library (glibc) mq_notify function affecting versions 2.32 and 2.33. Attackers could ex... (May 25, 2021)
- CVE-2020-25672 is a memory leak vulnerability in the Linux kernel's llcp_sock_connect function. This vulnerability allows attackers to cause denial of... (May 25, 2021)
- CVE-2020-20450 is a null pointer dereference vulnerability in FFmpeg 4.2's libavformat/aviobuf.c component that can cause a denial of service. Attacke... (May 25, 2021)
- CVE-2020-36329 is a use-after-free vulnerability in libwebp that allows attackers to execute arbitrary code or cause denial of service. This affects a... (May 21, 2021)
- CVE-2020-36330 is an out-of-bounds read vulnerability in libwebp versions before 1.0.1, allowing attackers to read sensitive memory data or cause deni... (May 21, 2021)
- CVE-2020-36332 is a memory exhaustion vulnerability in libwebp library versions before 1.0.1. When processing specially crafted WebP images, libwebp a... (May 21, 2021)
- This is a heap-based buffer overflow vulnerability in Netatalk's DSI structure processing that allows unauthenticated attackers on the same network to... (May 21, 2021)
- This vulnerability allows remote code execution in multiple terminal emulators (rxvt-unicode, rxvt, mrxvt, Eterm) through improper handling of ESC G Q... (May 20, 2021)
- A use-after-free vulnerability in libxml2 versions before 2.9.11 allows attackers to submit crafted XML files to applications using this library, pote... (May 18, 2021)
- CVE-2020-25709 is an assertion failure vulnerability in OpenLDAP's slapd server that allows remote attackers to crash the service by sending specially... (May 18, 2021)
- This vulnerability in Prosody XMPP servers allows remote attackers to cause denial-of-service via memory exhaustion without authentication. It affects... (May 13, 2021)
- CVE-2021-32920 is a denial-of-service vulnerability in Prosody XMPP server where an attacker can cause uncontrolled CPU consumption by flooding the se... (May 13, 2021)
- This vulnerability in OpenJPEG's encoder allows attackers to pass specially crafted x,y offset input during encoding, potentially leading to memory co... (May 13, 2021)
- This CVE describes a Use After Free vulnerability in NFC sockets in the Linux Kernel that allows local attackers with CAP_NET_RAW capability to escala... (May 12, 2021)
- This vulnerability in Samba allows attackers to cause a denial-of-service by sending specially crafted domain name strings with spaces. When Samba pro... (May 12, 2021)

Why Monitor Debian Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 1,860+ known vulnerabilities affecting Debian products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Debian packages in under 60 seconds. No agents required - completely agentless scanning that works across Debian deployments.
Free vulnerability database: Access detailed information about every Debian CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Debian CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions