Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Debian Number Of NVD 8838 CRITICAL 973 HIGH 3883 MEDIUM 3639 LOW 343
URL https://www.debian.org/
Explanation It will be supported for about 5 years after release, including the LTS period.
After 5 years, you will need to use a company that provides paid support or update to a newer version.
Tag
  • Linux

Add Information URL
No Type Name URL
1 https://www.debian.org/releases/index.en.html
2 https://wiki.debian.org/LTS
3 https://www.debian.org/lts/security/
4 https://wiki.debian.org/DebianReleases
5 https://wiki.debian.org/LTS/Extended
6 https://www.debian.org/security/

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
91 Debian 12 12.7 Aug. 31, 2024 Jan. 1, 2023 7 149 115 10
92 Debian 11 11.11 Aug. 31, 2024 Aug. 14, 2021 124 641 478 23
93 Debian 10 10.13 Sept. 10, 2022 July 6, 2019 Aug. 31, 2022 326 1404 1210 111
94 Debian 9 9.13 July 18, 2020 June 17, 2017 June 30, 2022 569 1739 1553 134
95 Debian 8 8.0 April 25, 2015 June 17, 2018 June 30, 2020 498 1437 1431 106
96 Debian 7 7.1 May 4, 2013 April 25, 2016 May 31, 2018 112 494 587 62
97 Debian 5 5.0.9 Feb. 14, 2009 Feb. 6, 2012 5 70 85 25
98 Debian 4 4.0 April 8, 2007 Feb. 15, 2010 5 92 72 10
99 Debian 3 3.0.23 July 19, 2002 March 31, 2008 7 86 74 24
100 Debian 2 2.5.3-3 July 24, 1998 June 30, 2003 0 48 27 15
101 Debian 1 1.3.1 May 17, 1996 Jan. 1, 2000 365 1656 1388 115
102 Debian 0 0.93 Jan. 1, 1900 Jan. 1, 2000 0 8 1 1
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
91 8.8
-
HIGH
Network
A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. CWE-416
 Use After Free
CVE-2023-6859 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
cpe:2.3:o:debian:debian_linux:10.0:*
2024-11-21 17:44
2023-12-19
Show GitHub Exploit DB Packet Storm
92 8.8
-
HIGH
Network
Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. CWE-787
 Out-of-bounds Write
CVE-2023-6858 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
cpe:2.3:o:debian:debian_linux:10.0:*
2024-11-21 17:44
2023-12-19
Show GitHub Exploit DB Packet Storm
93 5.3
-
MEDIUM
Network
When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. *This bug only affects Firefox on Unix-based operating systems (Android, Linu… CWE-362
Race Condition
CVE-2023-6857 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
cpe:2.3:o:debian:debian_linux:10.0:*
2024-11-21 17:44
2023-12-19
Show GitHub Exploit DB Packet Storm
94 8.8
-
HIGH
Network
The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution a… CWE-787
 Out-of-bounds Write
CVE-2023-6856 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
cpe:2.3:o:debian:debian_linux:10.0:*
2024-11-21 17:44
2023-12-19
Show GitHub Exploit DB Packet Storm
95 4.3
-
MEDIUM
Network
When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This is because the text was interpreted as a MIME message and the… NVD-CWE-noinfo
CVE-2023-50762 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
2024-11-21 17:37
2023-12-19
Show GitHub Exploit DB Packet Storm
96 4.3
-
MEDIUM
Network
The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not compare the signature creation date with the mess… NVD-CWE-noinfo
CVE-2023-50761 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
2024-11-21 17:37
2023-12-19
Show GitHub Exploit DB Packet Storm
97 6.5
-
MEDIUM
Network
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For examp… CWE-78
OS Command 
CVE-2023-51385 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
cpe:2.3:o:debian:debian_linux:10.0:*
2024-11-21 17:37
2023-12-19
Show GitHub Exploit DB Packet Storm
98 5.5
-
MEDIUM
Local
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these const… NVD-CWE-noinfo
CVE-2023-51384 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
2024-11-21 17:37
2023-12-19
Show GitHub Exploit DB Packet Storm
99 5.9
-
MEDIUM
Network
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from… CWE-354
 Improper Validation of Integrity Check Value
CVE-2023-48795 cpe:2.3:o:debian:debian_linux:10.0:* 2024-11-21 17:32
2023-12-19
Show GitHub Exploit DB Packet Storm
100 6.3
-
MEDIUM
Network
An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used… CWE-22
Path Traversal
CVE-2023-5115 cpe:2.3:o:debian:debian_linux:10.0:* 2024-11-21 17:41
2023-12-18
Show GitHub Exploit DB Packet Storm