Debian Security Vulnerabilities (CVEs)
Track 1,979 security vulnerabilities affecting Debian products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A buffer overflow vulnerability in the Skia graphics library allows attackers to cause memory corruption through specially crafted 2D canvas operation...
Feb 28, 2019This vulnerability is an integer overflow in image buffer size calculations in Mozilla products, which can lead to out-of-bounds writes. Attackers cou...
Feb 28, 2019This is a critical memory corruption vulnerability in Mozilla Firefox, Firefox ESR, and Thunderbird that could allow attackers to execute arbitrary co...
Feb 28, 2019This vulnerability allows attackers to trigger a potentially exploitable crash in Firefox, Firefox ESR, and Thunderbird by manipulating user events in...
Feb 28, 2019CVE-2019-9215 is a critical memory corruption vulnerability in Live555 media streaming server where malformed authorization headers cause invalid memo...
Feb 28, 2019This vulnerability in PHP's xmlrpc_decode() function allows attackers to trigger invalid memory access (heap out-of-bounds read or read-after-free) by...
Feb 22, 2019This CVE describes heap-based buffer over-read vulnerabilities in PHP's mbstring regular expression functions when processing invalid multibyte data. ...
Feb 22, 2019CVE-2019-7164 is a SQL injection vulnerability in SQLAlchemy that allows attackers to inject malicious SQL code via the order_by parameter. This affec...
Feb 20, 2019This vulnerability in Google Chrome allowed attackers to escape the browser's security sandbox via specially crafted HTML pages. It affected Chrome on...
Feb 19, 2019This vulnerability allows local code injection in Debian's python-rdflib-tools package. Attackers can execute arbitrary Python code by placing malicio...
Feb 9, 2019This CVE describes memory safety bugs in Mozilla Firefox and Thunderbird that could lead to memory corruption. With sufficient effort, attackers could...
Feb 5, 2019CVE-2018-8793 is a critical heap-based buffer overflow vulnerability in rdesktop RDP client that allows remote attackers to execute arbitrary code on ...
Feb 5, 2019CVE-2018-8795 is a critical integer overflow vulnerability in rdesktop RDP client that leads to heap-based buffer overflow and remote code execution. ...
Feb 5, 2019CVE-2018-8797 is a critical heap-based buffer overflow vulnerability in rdesktop RDP client that allows remote attackers to execute arbitrary code on ...
Feb 5, 2019CVE-2018-8800 is a critical heap-based buffer overflow vulnerability in rdesktop RDP client that allows remote attackers to execute arbitrary code on ...
Feb 5, 2019This vulnerability allows attackers to bypass authentication on coTURN servers via SQL injection in the administrator web portal login. By sending a s...
Feb 5, 2019CVE-2019-7314 is a use-after-free vulnerability in Live555's liblivemedia library that occurs when RTSP streams are terminated after RTP/RTCP-over-RTS...
Feb 4, 2019CVE-2018-20748 is a critical heap out-of-bounds write vulnerability in LibVNC client library that allows remote code execution. Attackers can exploit ...
Jan 30, 2019CVE-2018-20750 is a heap out-of-bounds write vulnerability in LibVNC server versions through 0.9.12. This allows remote attackers to execute arbitrary...
Jan 30, 2019CVE-2019-6978 is a double-free vulnerability in LibGD graphics library that allows attackers to execute arbitrary code or cause denial of service by p...
Jan 28, 2019This vulnerability in uriparser library allows out-of-bounds memory reads when parsing incomplete IPv6 addresses containing embedded IPv4 addresses. A...
Jan 16, 2019This vulnerability allows remote attackers to cause a denial of service (crash) in LIVE555 Media Server by sending specially crafted HTTP headers in R...
Jan 14, 2019This vulnerability allows a remote attacker who has already compromised Chrome's renderer process to escape the browser sandbox and execute arbitrary ...
Jan 9, 2019This vulnerability in Google Chrome's Mojo IPC framework allows a remote attacker to escape the browser sandbox via a malicious HTML page. It affects ...
Jan 9, 2019CVE-2018-14719 is a remote code execution vulnerability in FasterXML jackson-databind versions 2.x before 2.9.7. It allows attackers to execute arbitr...
Jan 2, 2019CVE-2018-14721 is a Server-Side Request Forgery (SSRF) vulnerability in FasterXML jackson-databind versions 2.x before 2.9.7. It allows attackers to m...
Jan 2, 2019This vulnerability in FasterXML jackson-databind allows remote code execution through polymorphic deserialization of untrusted data. Attackers can exp...
Jan 2, 2019This vulnerability in FasterXML jackson-databind allows remote code execution through polymorphic deserialization attacks targeting the jboss-common-c...
Jan 2, 2019CVE-2018-1160 is a critical vulnerability in Netatalk that allows remote unauthenticated attackers to execute arbitrary code due to an out-of-bounds w...
Dec 20, 2018Why Monitor Debian Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 1,979+ known vulnerabilities affecting Debian products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Debian packages in under 60 seconds. No agents required - completely agentless scanning that works across Debian deployments.
Free vulnerability database: Access detailed information about every Debian CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Debian CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
