Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-20569 Information Exposure Through Discrepancy vulnerability in multiple products
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction.
local
high complexity
fedoraproject debian amd microsoft CWE-203
4.7
2023-08-08 CVE-2023-20588 Divide By Zero vulnerability in multiple products
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. 
local
low complexity
debian amd xen fedoraproject microsoft CWE-369
5.5
2023-08-07 CVE-2023-36054 Access of Uninitialized Pointer vulnerability in multiple products
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer.
network
low complexity
mit debian netapp CWE-824
6.5
2023-08-07 CVE-2023-4194 Incorrect Authorization vulnerability in multiple products
A flaw was found in the Linux kernel's TUN/TAP functionality.
local
low complexity
linux redhat fedoraproject debian CWE-863
5.5
2023-08-03 CVE-2023-3180 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req.
local
low complexity
qemu fedoraproject debian CWE-787
6.5
2023-08-03 CVE-2023-4132 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel.
local
low complexity
linux redhat fedoraproject debian CWE-416
5.5
2023-08-01 CVE-2023-38559 Classic Buffer Overflow vulnerability in multiple products
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript.
local
low complexity
artifex redhat fedoraproject debian CWE-120
5.5
2023-08-01 CVE-2023-4045 Origin Validation Error vulnerability in multiple products
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy.
network
low complexity
mozilla debian CWE-346
5.3
2023-08-01 CVE-2023-4046 In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis.
network
low complexity
mozilla debian
5.3
2023-08-01 CVE-2023-4049 Race Condition vulnerability in multiple products
Race conditions in reference counting code were found through code inspection.
network
high complexity
mozilla debian CWE-362
5.9