| 2024-07-01 | CVE-2024-6387 | Race Condition vulnerability in multiple products
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). | 8.1 |
| 2024-06-05 | CVE-2024-5629 | Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory. | 8.1 |
| 2024-01-23 | CVE-2024-0750 | A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. | 8.8 |
| 2024-01-23 | CVE-2024-0751 | Improper Privilege Management vulnerability in multiple products
A malicious devtools extension could have been used to escalate privileges. | 8.8 |
| 2024-01-23 | CVE-2024-0755 | Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. | 8.8 |
| 2024-01-19 | CVE-2023-50447 | Code Injection vulnerability in multiple products
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter). | 8.1 |
| 2024-01-16 | CVE-2024-20918 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). | 7.4 |
| 2024-01-16 | CVE-2024-20952 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). | 7.4 |
| 2024-01-16 | CVE-2024-0567 | Improper Verification of Cryptographic Signature vulnerability in multiple products
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. | 7.5 |
| 2024-01-11 | CVE-2023-51780 | Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.6.8. | 7.0 |