Software Detail

Software Informaton Top

Operating Systems

Software Detail

Debian

Number Of NVD

8836

CRITICAL

973

HIGH

3882

MEDIUM

3638

LOW

343

URL	https://www.debian.org/
Explanation	It will be supported for about 5 years after release, including the LTS period. After 5 years, you will need to use a company that provides paid support or update to a newer version.
Tag	Linux

Add Information URL

No	Type	Name	URL
1			https://www.debian.org/releases/index.en.html
2			https://wiki.debian.org/LTS
3			https://www.debian.org/lts/security/
4			https://wiki.debian.org/DebianReleases
5			https://wiki.debian.org/LTS/Extended
6			https://www.debian.org/security/

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Security Support Service Pack Support	Critical	High	Medium	Low
81	Debian 12	12.7	Aug. 31, 2024	Jan. 1, 2023			7	149	115	10
82	Debian 11	11.11	Aug. 31, 2024	Aug. 14, 2021			124	640	478	23
83	Debian 10	10.13	Sept. 10, 2022	July 6, 2019	Aug. 31, 2022		326	1404	1210	111
84	Debian 9	9.13	July 18, 2020	June 17, 2017	June 30, 2022		569	1739	1553	134
85	Debian 8	8.0		April 25, 2015	June 17, 2018	June 30, 2020	498	1437	1431	106
86	Debian 7	7.1		May 4, 2013	April 25, 2016	May 31, 2018	112	494	587	62
87	Debian 5	5.0.9		Feb. 14, 2009	Feb. 6, 2012		5	70	85	25
88	Debian 4	4.0		April 8, 2007	Feb. 15, 2010		5	92	72	10
89	Debian 3	3.0.23		July 19, 2002	March 31, 2008		7	86	74	24
90	Debian 2	2.5.3-3		July 24, 1998	June 30, 2003		0	48	27	15
91	Debian 1	1.3.1		May 17, 1996	Jan. 1, 2000		365	1655	1387	115
92	Debian 0	0.93		Jan. 1, 1900	Jan. 1, 2000		0	8	1	1

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
81	7.0 -	HIGH Local	A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, lead…	CWE-787 Out-of-bounds Write	CVE-2023-6931	cpe:2.3:o:debian:debian_linux:10.0:*	2024-11-21 17:44 2023-12-19	Show	GitHub Exploit DB Packet Storm

82	8.8 -	HIGH Network	Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code…	CWE-787 Out-of-bounds Write	CVE-2023-6873	cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*	2024-11-21 17:44 2023-12-19	Show	GitHub Exploit DB Packet Storm

83	6.1 -	MEDIUM Network	The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by…	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2023-6867	cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*	2024-11-21 17:44 2023-12-19	Show	GitHub Exploit DB Packet Storm

84	6.5 -	MEDIUM Network	`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode.…	NVD-CWE-noinfo	CVE-2023-6865	cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*	2024-11-21 17:44 2023-12-19	Show	GitHub Exploit DB Packet Storm

85	8.8 -	HIGH Network	The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR < 115.6, Thun…	NVD-CWE-noinfo	CVE-2023-6863	cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*	2024-11-21 17:44 2023-12-19	Show	GitHub Exploit DB Packet Storm

86	8.8 -	HIGH Network	A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6.	CWE-416 Use After Free	CVE-2023-6862	cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*	2024-11-21 17:44 2023-12-19	Show	GitHub Exploit DB Packet Storm

87	8.8 -	HIGH Network	The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.	CWE-787 Out-of-bounds Write	CVE-2023-6861	cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*	2024-11-21 17:44 2023-12-19	Show	GitHub Exploit DB Packet Storm

88	6.5 -	MEDIUM Network	The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 1…	NVD-CWE-noinfo	CVE-2023-6860	cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*	2024-11-21 17:44 2023-12-19	Show	GitHub Exploit DB Packet Storm

89	8.8 -	HIGH Network	A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.	CWE-416 Use After Free	CVE-2023-6859	cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*	2024-11-21 17:44 2023-12-19	Show	GitHub Exploit DB Packet Storm

90	8.8 -	HIGH Network	Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.	CWE-787 Out-of-bounds Write	CVE-2023-6858	cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*	2024-11-21 17:44 2023-12-19	Show	GitHub Exploit DB Packet Storm