Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-03 CVE-2023-3180 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req.
local
low complexity
qemu fedoraproject debian CWE-787
6.5
6.5
2023-08-03 CVE-2023-4132 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel.
local
low complexity
linux redhat fedoraproject debian CWE-416
5.5
5.5
2023-08-01 CVE-2023-38559 Classic Buffer Overflow vulnerability in multiple products
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript.
local
low complexity
artifex redhat fedoraproject debian CWE-120
5.5
5.5
2023-08-01 CVE-2023-4045 Origin Validation Error vulnerability in multiple products
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy.
network
low complexity
mozilla debian CWE-346
5.3
5.3
2023-08-01 CVE-2023-4046 In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis.
network
low complexity
mozilla debian
5.3
5.3
2023-08-01 CVE-2023-4049 Race Condition vulnerability in multiple products
Race conditions in reference counting code were found through code inspection.
network
high complexity
mozilla debian CWE-362
5.9
5.9
2023-07-25 CVE-2023-3772 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem).
local
low complexity
redhat fedoraproject linux debian CWE-476
4.4
4.4
2023-07-25 CVE-2023-3773 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem).
local
low complexity
redhat fedoraproject linux debian CWE-125
4.4
4.4
2023-07-25 CVE-2023-38745 Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF format.
local
high complexity
pandoc debian
6.3
6.3
2023-07-24 CVE-2023-20593 An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
local
low complexity
xen debian amd
5.5
5.5