12.0

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-01	CVE-2023-5859	Origin Validation Error vulnerability in multiple products Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. network low complexity google debian fedoraproject CWE-346	4.3
2023-10-27	CVE-2023-34058	Improper Verification of Cryptographic Signature vulnerability in multiple products VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . high complexity vmware debian fedoraproject CWE-347	7.5
2023-10-27	CVE-2023-34059	open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs. local high complexity vmware debian	7.0
2023-10-26	CVE-2023-46234	Improper Verification of Cryptographic Signature vulnerability in multiple products browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. network low complexity browserify debian CWE-347	7.5
2023-10-25	CVE-2023-5367	Out-of-bounds Write vulnerability in multiple products A out-of-bounds write flaw was found in the xorg-x11-server. local low complexity x-org redhat fedoraproject debian CWE-787	7.8
2023-10-25	CVE-2023-5380	Use After Free vulnerability in multiple products A use-after-free flaw was found in the xorg-x11-server. local high complexity x-org redhat fedoraproject debian CWE-416	4.7
2023-10-25	CVE-2023-41983	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The issue was addressed with improved memory handling. network low complexity apple fedoraproject debian CWE-119	6.5
2023-10-25	CVE-2023-42852	A logic issue was addressed with improved checks. network low complexity apple fedoraproject debian	8.8
2023-10-25	CVE-2023-46316	In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines. local low complexity buc debian	5.5
2023-10-25	CVE-2023-5363	Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. network low complexity openssl debian netapp	7.5