Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2023-06-25 CVE-2023-36664 Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
local
low complexity
artifex debian fedoraproject
7.8
7.8
2023-06-23 CVE-2023-3212 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. 		4.4
4.4
2023-06-22 CVE-2023-34241 OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems.
local
low complexity
openprinting fedoraproject debian apple
7.1
7.1
2023-06-18 CVE-2023-35823 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.2.
local
high complexity
linux debian CWE-416
7.0
7.0
2023-06-18 CVE-2023-35824 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.2.
local
high complexity
linux debian CWE-416
7.0
7.0
2023-06-16 CVE-2023-35788 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7.
local
low complexity
linux debian netapp canonical CWE-787
7.8
7.8
2023-06-16 CVE-2023-3268 Out-of-bounds Read vulnerability in multiple products
An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs.
local
low complexity
linux debian CWE-125
7.1
7.1
2023-06-14 CVE-2022-47184 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to 9.2.0.
network
low complexity
apache debian
7.5
7.5
2023-06-14 CVE-2023-30631 Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.  The configuration option proxy.config.http.push_method_enabled didn't function.  However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
network
low complexity
apache debian fedoraproject
7.5
7.5
2023-06-13 CVE-2023-3214 Use After Free vulnerability in multiple products
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
8.8