Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-11-10 CVE-2024-46955 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-125
5.5
2024-10-03 CVE-2024-8508 Improper Validation of Specified Quantity in Input vulnerability in multiple products
NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for.
network
low complexity
nlnetlabs debian CWE-1284
5.3
2024-06-11 CVE-2024-5690 Information Exposure Through Discrepancy vulnerability in multiple products
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system.
network
low complexity
mozilla debian CWE-203
4.3
2024-06-07 CVE-2024-37383 Cross-site Scripting vulnerability in multiple products
Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.
network
low complexity
roundcube debian CWE-79
6.1
2024-02-22 CVE-2023-52160 Improper Authentication vulnerability in multiple products
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass.
network
low complexity
debian redhat fedoraproject w1-fi CWE-287
6.5
2024-02-20 CVE-2024-1547 Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown).
network
low complexity
mozilla debian
6.5
2024-02-20 CVE-2024-1550 Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant.
network
low complexity
mozilla debian CWE-1021
6.1
2024-02-11 CVE-2024-1151 Out-of-bounds Write vulnerability in multiple products
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel.
local
low complexity
debian redhat fedoraproject linux CWE-787
5.5
2024-01-23 CVE-2024-0741 Out-of-bounds Write vulnerability in multiple products
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash.
network
low complexity
mozilla debian CWE-787
6.5
2024-01-23 CVE-2024-0742 It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load.
network
low complexity
mozilla debian
4.3