Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Debian Number Of NVD 8838 CRITICAL 973 HIGH 3883 MEDIUM 3639 LOW 343
URL https://www.debian.org/
Explanation It will be supported for about 5 years after release, including the LTS period.
After 5 years, you will need to use a company that provides paid support or update to a newer version.
Tag
  • Linux

Add Information URL
No Type Name URL
1 https://www.debian.org/releases/index.en.html
2 https://wiki.debian.org/LTS
3 https://www.debian.org/lts/security/
4 https://wiki.debian.org/DebianReleases
5 https://wiki.debian.org/LTS/Extended
6 https://www.debian.org/security/

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
211 Debian 12 12.7 Aug. 31, 2024 Jan. 1, 2023 7 149 115 10
212 Debian 11 11.11 Aug. 31, 2024 Aug. 14, 2021 124 641 478 23
213 Debian 10 10.13 Sept. 10, 2022 July 6, 2019 Aug. 31, 2022 326 1404 1210 111
214 Debian 9 9.13 July 18, 2020 June 17, 2017 June 30, 2022 569 1739 1553 134
215 Debian 8 8.0 April 25, 2015 June 17, 2018 June 30, 2020 498 1437 1431 106
216 Debian 7 7.1 May 4, 2013 April 25, 2016 May 31, 2018 112 494 587 62
217 Debian 5 5.0.9 Feb. 14, 2009 Feb. 6, 2012 5 70 85 25
218 Debian 4 4.0 April 8, 2007 Feb. 15, 2010 5 92 72 10
219 Debian 3 3.0.23 July 19, 2002 March 31, 2008 7 86 74 24
220 Debian 2 2.5.3-3 July 24, 1998 June 30, 2003 0 48 27 15
221 Debian 1 1.3.1 May 17, 1996 Jan. 1, 2000 365 1656 1388 115
222 Debian 0 0.93 Jan. 1, 1900 Jan. 1, 2000 0 8 1 1
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
211 9.8
-
CRITICAL
Network
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style di… CWE-843
Type Confusion
CVE-2023-42464 cpe:2.3:o:debian:debian_linux:11.0:*
cpe:2.3:o:debian:debian_linux:10.0:*
2024-11-21 17:22
2023-09-21
Show GitHub Exploit DB Packet Storm
212 9.8
-
CRITICAL
Network
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar … CWE-91
Blind XPath Injection
CVE-2019-19450 cpe:2.3:o:debian:debian_linux:10.0:* 2024-11-21 13:34
2023-09-20
Show GitHub Exploit DB Packet Storm
213 7.5
-
HIGH
Network
A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused … CWE-617
 Reachable Assertion
CVE-2023-4236 cpe:2.3:o:debian:debian_linux:11.0:*
cpe:2.3:o:debian:debian_linux:10.0:*
2024-11-21 17:34
2023-09-20
Show GitHub Exploit DB Packet Storm
214 7.5
-
HIGH
Network
The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depend… CWE-787
 Out-of-bounds Write
CVE-2023-3341 cpe:2.3:o:debian:debian_linux:11.0:*
cpe:2.3:o:debian:debian_linux:10.0:*
2024-11-21 17:17
2023-09-20
Show GitHub Exploit DB Packet Storm
215 4.3
-
MEDIUM
Network
Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak authentication. If a Jetty `OpenIdAuthenticator` uses the optional nes… CWE-287
Improper Authentication
CVE-2023-41900 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
2024-11-21 17:21
2023-09-16
Show GitHub Exploit DB Packet Storm
216 5.3
-
MEDIUM
Network
Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the `+` character proceeding the content-length value in a HTTP/1 header fie… - CVE-2023-40167 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
cpe:2.3:o:debian:debian_linux:10.0:*
2024-11-21 17:18
2023-09-16
Show GitHub Exploit DB Packet Storm
217 4.3
-
MEDIUM
Network
Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sen… - CVE-2023-36479 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
cpe:2.3:o:debian:debian_linux:10.0:*
2024-11-21 17:09
2023-09-16
Show GitHub Exploit DB Packet Storm
218 4.3
-
MEDIUM
Network
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. (Chromium security s… NVD-CWE-noinfo
CVE-2023-4900 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
2024-11-21 17:36
2023-09-13
Show GitHub Exploit DB Packet Storm
219 4.3
-
MEDIUM
Network
Inappropriate implementation in Interstitials in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low) NVD-CWE-noinfo
CVE-2023-4909 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
2024-11-21 17:36
2023-09-13
Show GitHub Exploit DB Packet Storm
220 4.3
-
MEDIUM
Network
Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low) NVD-CWE-noinfo
CVE-2023-4908 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
2024-11-21 17:36
2023-09-13
Show GitHub Exploit DB Packet Storm