Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-01 CVE-2023-4046 In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis.
network
low complexity
mozilla debian
5.3
2023-08-01 CVE-2023-4049 Race Condition vulnerability in multiple products
Race conditions in reference counting code were found through code inspection.
network
high complexity
mozilla debian CWE-362
5.9
2023-07-25 CVE-2023-3772 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem).
local
low complexity
redhat fedoraproject linux debian CWE-476
4.4
2023-07-25 CVE-2023-3773 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem).
local
low complexity
redhat fedoraproject linux debian CWE-125
4.4
2023-07-25 CVE-2023-38745 Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF format.
local
high complexity
pandoc debian
6.3
2023-07-24 CVE-2023-20593 An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.
local
low complexity
xen debian amd
5.5
2023-07-24 CVE-2023-3863 Use After Free vulnerability in multiple products
A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel.
local
high complexity
linux debian CWE-416
4.1
2023-07-22 CVE-2023-38633 Path Traversal vulnerability in multiple products
A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.
local
low complexity
gnome fedoraproject debian CWE-22
5.5
2023-07-20 CVE-2022-2127 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c.
network
high complexity
samba redhat fedoraproject debian CWE-125
5.9
2023-07-20 CVE-2023-34967 Type Confusion vulnerability in multiple products
A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight.
network
low complexity
samba fedoraproject redhat debian CWE-843
5.3