VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Debian
>
Debian Linux
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-06-11
CVE-2024-5690
Information Exposure Through Discrepancy vulnerability in multiple products
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system.
network
low complexity
mozilla
debian
CWE-203
4.3
4.3
2024-06-07
CVE-2024-37383
Cross-site Scripting vulnerability in multiple products
Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.
network
low complexity
roundcube
debian
CWE-79
6.1
6.1
2024-02-22
CVE-2023-52160
Improper Authentication vulnerability in multiple products
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass.
network
low complexity
debian
redhat
fedoraproject
w1-fi
CWE-287
6.5
6.5
2024-02-11
CVE-2024-1151
Out-of-bounds Write vulnerability in multiple products
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel.
local
low complexity
debian
redhat
fedoraproject
linux
CWE-787
5.5
5.5
2024-01-23
CVE-2024-0741
Out-of-bounds Write vulnerability in multiple products
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash.
network
low complexity
mozilla
debian
CWE-787
6.5
6.5
2024-01-23
CVE-2024-0742
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load.
network
low complexity
mozilla
debian
4.3
4.3
2024-01-23
CVE-2024-0746
A Linux user opening the print preview dialog could have caused the browser to crash.
network
low complexity
mozilla
debian
6.5
6.5
2024-01-23
CVE-2024-0747
When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy.
network
low complexity
mozilla
debian
6.5
6.5
2024-01-23
CVE-2024-0749
Origin Validation Error vulnerability in multiple products
A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar.
network
low complexity
mozilla
debian
CWE-346
4.3
4.3
2024-01-23
CVE-2024-0753
In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain.
network
low complexity
mozilla
debian
6.5
6.5
«
1
(current)
2
3
4
5
...
415
416
»
Next