Search for packages
| purl | pkg:deb/debian/systemd@241-7~deb10u8 |
| Next non-vulnerable version | 254.26-1~bpo12+1 |
| Latest non-vulnerable version | 260.1-1 |
| Risk | 8.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2nq3-t67f-57ha
Aliases: CVE-2019-20386 |
systemd: memory leak in button_open() in login/logind-button.c when udev events are received |
Affected by 8 other vulnerabilities. |
|
VCID-4eyp-2xve-qugd
Aliases: CVE-2026-40226 |
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file. |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-4n47-ffax-sbdu
Aliases: CVE-2026-4105 |
systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-552s-n3yf-fkgq
Aliases: CVE-2023-7008 |
systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes |
Affected by 4 other vulnerabilities. |
|
VCID-66sa-bc5p-jqde
Aliases: CVE-2023-50387 |
Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service. |
Affected by 4 other vulnerabilities. |
|
VCID-71xj-3x1z-6kh4
Aliases: CVE-2020-1712 |
A heap use-after-free flaw in systemd at worst might allow an attacker to execute arbitrary code. |
Affected by 8 other vulnerabilities. |
|
VCID-7mtw-85gb-vyfz
Aliases: CVE-2021-33910 |
Multiple vulnerabilities have been found in systemd, the worst of which could result in a Denial of Service condition. |
Affected by 8 other vulnerabilities. |
|
VCID-86qy-wkqz-5qam
Aliases: CVE-2025-4598 |
systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump |
Affected by 4 other vulnerabilities. |
|
VCID-8sva-z329-ekcr
Aliases: CVE-2019-15718 |
systemd: systemd-resolved allows unprivileged users to configure DNS |
Affected by 8 other vulnerabilities. |
|
VCID-94hk-2ehw-bqds
Aliases: CVE-2019-3844 |
systemd: services with DynamicUser can get new privileges and create SGID binaries |
Affected by 8 other vulnerabilities. |
|
VCID-dvhg-mcz2-r3f5
Aliases: CVE-2021-3997 |
Multiple vulnerabilities have been discovered in systemd, the worst of which could result in denial of service. |
Affected by 8 other vulnerabilities. |
|
VCID-e9ng-ewvh-kqeq
Aliases: CVE-2022-3821 |
Multiple vulnerabilities have been discovered in systemd, the worst of which could result in denial of service. |
Affected by 8 other vulnerabilities. |
|
VCID-fp54-ff23-vbb5
Aliases: CVE-2026-29111 |
systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-hwg6-vaus-cfa2
Aliases: CVE-2026-40225 |
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output. |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-sdnj-avfk-7bch
Aliases: CVE-2018-21029 |
systemd: incorrect certificate validation results in acceptance of any certificate signed by a trusted certificate authority for DNS over TLS |
Affected by 8 other vulnerabilities. |
|
VCID-sn1e-9p1f-1fen
Aliases: CVE-2019-3843 |
systemd: services with DynamicUser can create SUID/SGID binaries |
Affected by 8 other vulnerabilities. |
|
VCID-tv9q-bzvp-sqb5
Aliases: CVE-2023-26604 |
systemd: privilege escalation via the less pager |
Affected by 8 other vulnerabilities. |
|
VCID-vprj-j7u6-zbe7
Aliases: CVE-2023-50868 |
Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service. |
Affected by 4 other vulnerabilities. |
|
VCID-w7ys-gs9d-m3f5
Aliases: CVE-2020-13776 |
systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits |
Affected by 8 other vulnerabilities. |
|
VCID-yk9j-tm66-eyev
Aliases: CVE-2022-4415 |
Multiple vulnerabilities have been discovered in systemd, the worst of which can lead to a denial of service. |
Affected by 8 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1mej-gstk-pfbs | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2018-15686
|
| VCID-4dq5-84vh-u3bz | systemd: Out-of-bounds write in systemd-resolved due to allocating too small buffer in dns_packet_new |
CVE-2017-9445
|
| VCID-5j51-kyj4-gkag | systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files |
CVE-2018-6954
|
| VCID-7mtw-85gb-vyfz | Multiple vulnerabilities have been found in systemd, the worst of which could result in a Denial of Service condition. |
CVE-2021-33910
|
| VCID-7p2k-q6vr-3kf5 | systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c |
CVE-2022-2526
|
| VCID-7war-ne2h-wkej | security update |
CVE-2019-3842
|
| VCID-8x92-ah94-47f7 | systemd: Unsafe handling of hard links allowing privilege escalation |
CVE-2017-18078
|
| VCID-cmbj-869t-c3e3 | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2018-15687
|
| VCID-e7km-pysq-hqe2 | systemd: Infinite loop in the dns_packet_read_type_window() function |
CVE-2017-15908
|
| VCID-fdkt-299k-vufa | systemd: fails to parse usernames that start with digits |
CVE-2017-1000082
|
| VCID-mgcn-uevn-13c3 | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2018-16865
|
| VCID-nuf5-cg89-8bb7 | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2018-16866
|
| VCID-q4kr-rg2c-f7ad | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2018-15688
|
| VCID-sn9x-3yp1-2ke4 | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2018-16864
|
| VCID-t3bf-3486-wqh1 | systemd: kills privileged process if unprivileged PIDFile was tampered |
CVE-2018-16888
|
| VCID-vrsm-6j4m-cka4 | Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. |
CVE-2019-6454
|
| VCID-z5kr-1k65-hyh3 | systemd: automount: access to automounted volumes can lock up |
CVE-2018-1049
|