Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-24 | CVE-2023-3863 | Use After Free vulnerability in multiple products A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. | 4.1 |
| 2023-07-22 | CVE-2023-38633 | Path Traversal vulnerability in multiple products A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element. | 5.5 |
| 2023-07-20 | CVE-2022-2127 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. | 5.9 |
| 2023-07-20 | CVE-2023-34967 | Type Confusion vulnerability in multiple products A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. | 5.3 |
| 2023-07-20 | CVE-2023-34968 | A path disclosure vulnerability was found in Samba. | 5.3 |
| 2023-07-18 | CVE-2023-22041 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). | 5.1 |
| 2023-07-13 | CVE-2023-21400 | Improper Locking vulnerability in multiple products In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. | 6.7 |
| 2023-07-12 | CVE-2023-3618 | Classic Buffer Overflow vulnerability in multiple products A flaw was found in libtiff. | 6.5 |
| 2023-07-06 | CVE-2023-36823 | Cross-site Scripting vulnerability in multiple products Sanitize is an allowlist-based HTML and CSS sanitizer. | 6.1 |
| 2023-07-05 | CVE-2023-35936 | Improper Input Validation vulnerability in multiple products Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. | 5.0 |