Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-12 | CVE-2023-3618 | Classic Buffer Overflow vulnerability in multiple products A flaw was found in libtiff. | 6.5 |
| 2023-07-06 | CVE-2023-36823 | Cross-site Scripting vulnerability in multiple products Sanitize is an allowlist-based HTML and CSS sanitizer. | 6.1 |
| 2023-07-05 | CVE-2023-35936 | Improper Input Validation vulnerability in multiple products Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. | 5.0 |
| 2023-07-05 | CVE-2023-31248 | Use After Free vulnerability in multiple products Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace | 7.8 |
| 2023-07-05 | CVE-2023-35001 | Out-of-bounds Write vulnerability in multiple products Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace | 7.8 |
| 2023-07-05 | CVE-2023-37211 | Out-of-bounds Write vulnerability in multiple products Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. | 8.8 |
| 2023-07-05 | CVE-2023-37201 | Use After Free vulnerability in multiple products An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. | 8.8 |
| 2023-07-05 | CVE-2023-37202 | Use After Free vulnerability in multiple products Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. | 8.8 |
| 2023-07-05 | CVE-2023-37207 | Unsafe Reflection vulnerability in multiple products A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. | 6.5 |
| 2023-07-05 | CVE-2023-37208 | When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. | 7.8 |