Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2023-06-22 CVE-2023-34241 Use After Free vulnerability in multiple products
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems.
7.1
2023-06-21 CVE-2023-2828 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers.
network
low complexity
isc debian fedoraproject netapp CWE-770
7.5
2023-06-21 CVE-2023-2911 Out-of-bounds Write vulnerability in multiple products
If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.
network
low complexity
isc debian fedoraproject netapp CWE-787
7.5
2023-06-18 CVE-2023-35823 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.2.
local
high complexity
linux debian CWE-416
7.0
2023-06-18 CVE-2023-35824 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.2.
local
high complexity
linux debian CWE-416
7.0
2023-06-16 CVE-2023-35788 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7.
local
low complexity
linux debian netapp canonical CWE-787
7.8
2023-06-16 CVE-2023-3268 Out-of-bounds Read vulnerability in multiple products
An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs.
local
low complexity
linux debian CWE-125
7.1
2023-06-14 CVE-2022-47184 Information Exposure vulnerability in multiple products
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to 9.2.0.
network
low complexity
apache debian CWE-200
7.5
2023-06-14 CVE-2023-30631 Improper Input Validation vulnerability in multiple products
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.  The configuration option proxy.config.http.push_method_enabled didn't function.  However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
network
low complexity
apache debian fedoraproject CWE-20
7.5
2023-06-13 CVE-2023-3214 Use After Free vulnerability in multiple products
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8