Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Debian Number Of NVD 8839 CRITICAL 973 HIGH 3883 MEDIUM 3640 LOW 343
URL https://www.debian.org/
Explanation It will be supported for about 5 years after release, including the LTS period.
After 5 years, you will need to use a company that provides paid support or update to a newer version.
Tag
  • Linux

Add Information URL
No Type Name URL
1 https://www.debian.org/releases/index.en.html
2 https://wiki.debian.org/LTS
3 https://www.debian.org/lts/security/
4 https://wiki.debian.org/DebianReleases
5 https://wiki.debian.org/LTS/Extended
6 https://www.debian.org/security/

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
1 Debian 12 12.7 Aug. 31, 2024 Jan. 1, 2023 July 11, 2026 June 30, 2028 June 30, 2033 7 149 116 10
2 Debian 11 11.11 Aug. 31, 2024 Aug. 14, 2021 Aug. 14, 2024 Aug. 31, 2026 June 30, 2031 124 641 478 23
3 Debian 10 10.13 Sept. 10, 2022 July 6, 2019 Aug. 31, 2022 326 1404 1210 111
4 Debian 9 9.13 July 18, 2020 June 17, 2017 June 30, 2022 569 1739 1553 134
5 Debian 8 8.0 April 25, 2015 June 17, 2018 June 30, 2020 498 1437 1431 106
6 Debian 7 7.1 May 4, 2013 April 25, 2016 May 31, 2018 112 494 587 62
7 Debian 5 5.0.9 Feb. 14, 2009 Feb. 6, 2012 5 70 85 25
8 Debian 4 4.0 April 8, 2007 Feb. 15, 2010 5 92 72 10
9 Debian 3 3.0.23 July 19, 2002 March 31, 2008 7 86 74 24
10 Debian 2 2.5.3-3 July 24, 1998 June 30, 2003 0 48 27 15
11 Debian 1 1.3.1 May 17, 1996 Jan. 1, 2000 365 1656 1389 115
12 Debian 0 0.93 Jan. 1, 1900 Jan. 1, 2000 0 8 1 1
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
1 5.3
-
MEDIUM
Network
In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 8.4.* before 8.4.23, 8.5.* before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. Th… CWE-122
Heap-based Buffer Overflow
CVE-2026-14355 cpe:2.3:o:debian:debian_linux:12.0:* 2026-07-9 05:11
2026-07-4
Show GitHub Exploit DB Packet Storm
2 5.3
-
MEDIUM
Network
GNU SASL before 2.2.4 lacks sanitization of a short challenge in _gsasl_ntlm_client_step in the NTLM client, which could result in memory disclosure via a crafted server. CWE-839
CWE-908
 Numeric Range Comparison Without Minimum Check
 Use of Uninitialized Resource
CVE-2026-56968 cpe:2.3:o:debian:debian_linux:13.0:* 2026-06-30 08:00
2026-06-24
Show GitHub Exploit DB Packet Storm
3 7.5
-
HIGH
Network
Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 … CWE-789
 Memory Allocation with Excessive Size Value
CVE-2026-49975 cpe:2.3:o:debian:debian_linux:11.0:* 2026-06-11 04:36
2026-06-9
Show GitHub Exploit DB Packet Storm
4 7.8
-
HIGH
Local
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. T… CWE-190
 Integer Overflow or Wraparound
CVE-2026-4775 cpe:2.3:o:debian:debian_linux:11.0:* 2026-04-22 01:34
2026-03-25
Show GitHub Exploit DB Packet Storm
5 7.8
-
HIGH
Local
AWStats 8.0 is vulnerable to Command Injection via the open function CWE-78
OS Command 
CVE-2025-63261 cpe:2.3:o:debian:debian_linux:11.0:* 2026-04-8 01:08
2026-03-21
Show GitHub Exploit DB Packet Storm
6 7.5
-
HIGH
Network
eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mod… CWE-190
CWE-789
 Integer Overflow or Wraparound
 Memory Allocation with Excessive Size Value
CVE-2025-62600 cpe:2.3:o:debian:debian_linux:13.0:*
cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
2026-04-15 01:16
2026-02-4
Show GitHub Exploit DB Packet Storm
7 7.5
-
HIGH
Network
eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mod… CWE-190
CWE-789
 Integer Overflow or Wraparound
 Memory Allocation with Excessive Size Value
CVE-2025-62599 cpe:2.3:o:debian:debian_linux:13.0:*
cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
2026-04-10 03:16
2026-02-4
Show GitHub Exploit DB Packet Storm
8 8.1
-
HIGH
Network
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variab… CWE-787
 Out-of-bounds Write
CVE-2025-27363 cpe:2.3:o:debian:debian_linux:11.0:* 2026-04-20 22:15
2025-03-11
Show GitHub Exploit DB Packet Storm
9 6.8
-
MEDIUM
Network
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occur… - CVE-2025-26465 cpe:2.3:o:debian:debian_linux:12.0:*
cpe:2.3:o:debian:debian_linux:11.0:*
2025-03-6 03:54
2025-02-19
Show GitHub Exploit DB Packet Storm
10 9.8
-
CRITICAL
Network
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability … CWE-191
 Integer Underflow (Wrap or Wraparound)
CVE-2024-47606 cpe:2.3:o:debian:debian_linux:11.0:* 2024-12-19 06:35
2024-12-12
Show GitHub Exploit DB Packet Storm