Dashboard

Package : tcpdf CVE ID : CVE-2024-22640 CVE-2024-22641 CVE-2024-32489 CVE-2024-51058 CVE-2024-56519 CVE-2024-56520 CVE-2024-56522 CVE-2024-56527 Multiple security issues were discovered in TCPDF, a PHP class for generating PDF files on-the-fly, which may result in denial of service, cross-site scripting or information disclosure. For the stable distribution (bookworm), these problems have been fixed in version 6.6.2+dfsg1-1+deb12u1. We recommend that you upgrade your…

Package : thunderbird CVE ID : CVE-2025-4918 CVE-2025-4919 CVE-2025-5263 CVE-2025-5264 CVE-2025-5266 CVE-2025-5267 CVE-2025-5268 CVE-2025-5269 CVE-2025-5283 Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For the stable distribution (bookworm), these problems have been fixed in version 1:128.11.0esr-1~deb12u1. We recommend that you upgrade your thunderbird packages. For the detailed security status of…

Package : systemd CVE ID : CVE-2025-4598 Debian Bug : 1106785 The Qualys Threat Research Unit (TRU) discovered that systemd-coredump is prone to a kill-and-replace race condition which may allow a local attacker to gain sensitive information from crashed SUID processes. Additionally systemd-coredump does not specify %d (the kernel's per- process "dumpable" flag) in /proc/sys/kernel/core_pattern allowing a local attacker to crash root daemons that fork() and setuid() to…

Package : libavif CVE ID : CVE-2025-48174 CVE-2025-48175 Debian Bug : 1105883 1105885 Multiple vulnerabilities were discovered in libavif, a library for handling .avif files, which could result in denial of service or potentially the execution of arbitrary code. For the stable distribution (bookworm), these problems have been fixed in version 0.11.1-1+deb12u1. We recommend that you upgrade your libavif packages. For the detailed security status of libavif please…

Package : chromium CVE ID : CVE-2025-5063 CVE-2025-5064 CVE-2025-5065 CVE-2025-5066 CVE-2025-5067 CVE-2025-5280 CVE-2025-5281 CVE-2025-5283 Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (bookworm), these problems have been fixed in version 137.0.7151.55-3~deb12u1. We recommend that you upgrade your chromium packages. For the detailed…

Package : net-tools Debian Bug : 1106147 The update for net-tools announced in DSA 5923-1 introduced a regression for ifconfig always showing zero value packet counters. Updated packages are now available to correct this issue. Two additional stack-based buffer overflow flaws are addressed in this update. For the stable distribution (bookworm), this problem has been fixed in version 2.10-0.1+deb12u2. We recommend that you upgrade your net-tools packages. For the detailed…

Package : libvpx CVE ID : CVE-2025-5283 Debian Bug : 1106689 It was discovered that a double-free in the encoder of libvpx, a multimedia library for the VP8 and VP9 video codecs, may result in denial of service and potentially the execution of arbitrary code. For the stable distribution (bookworm), this problem has been fixed in version 1.12.0-1+deb12u4. We recommend that you upgrade your libvpx packages. For the detailed security status of libvpx please refer…

Package : yelp CVE ID : CVE-2025-3155 It was discovered that Yelp, the help browser for the GNOME desktop, allowed help files to execute arbitrary scripts. Opening a malformed help file could have resulted in data exfiltration. For the stable distribution (bookworm), this problem has been fixed in version 42.2-1+deb12u1 of yelp and version 42.1-2+deb12u1 of yelp-xsl. We recommend that you upgrade your yelp packages. For the detailed security status of yelp please…

Package : firefox-esr CVE ID : CVE-2025-5263 CVE-2025-5264 CVE-2025-5266 CVE-2025-5267 CVE-2025-5268 CVE-2025-5269 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or cross-origin leaks. For the stable distribution (bookworm), these problems have been fixed in version 128.11.0esr-1~deb12u1. We recommend that you upgrade your firefox-esr packages. For the detailed security…

Package : linux CVE ID : CVE-2024-26618 CVE-2024-26783 CVE-2024-26807 CVE-2024-28956 CVE-2024-35790 CVE-2024-36903 CVE-2024-36927 CVE-2024-43840 CVE-2024-46751 CVE-2024-53203 CVE-2024-53209 CVE-2024-57945 CVE-2025-21645 CVE-2025-21839 CVE-2025-21931 CVE-2025-22062 CVE-2025-37819 CVE-2025-37890 CVE-2025-37897 CVE-2025-37901 CVE-2025-37902 CVE-2025-37903 CVE-2025-37905 CVE-2025-37909 CVE-2025-37911 CVE-2025-37912 CVE-2025-37913 CVE-2025-37914 CVE-2025-37915 CVE-2025-37917…