Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-06 | CVE-2023-52583 | Improper Locking vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: ceph: fix deadlock or deadcode of misusing dget() The lock order is incorrect between denty and its parent, we should always make sure that the parent get the lock first. But since this deadcode is never used and the parent dir will always be set from the callers, let's just remove it. | 5.5 |
| 2024-02-28 | CVE-2024-27285 | Cross-site Scripting vulnerability in multiple products YARD is a Ruby Documentation tool. | 6.1 |
| 2024-02-22 | CVE-2023-52160 | Improper Authentication vulnerability in multiple products The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. | 6.5 |
| 2024-02-20 | CVE-2024-1547 | Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the victim website's URL shown). | 6.5 |
| 2024-02-20 | CVE-2024-1550 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. | 6.1 |
| 2024-02-11 | CVE-2024-1151 | Out-of-bounds Write vulnerability in multiple products A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. | 5.5 |
| 2024-02-05 | CVE-2024-24857 | Integer Overflow or Wraparound vulnerability in multiple products A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. | 6.8 |
| 2024-02-05 | CVE-2024-24858 | Race Condition vulnerability in multiple products A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. | 5.3 |
| 2024-01-23 | CVE-2024-0741 | Out-of-bounds Write vulnerability in multiple products An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. | 6.5 |
| 2024-01-23 | CVE-2024-0742 | It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. | 4.3 |