Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-25 CVE-2023-2269 Improper Locking vulnerability in multiple products
A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.
local
low complexity
linux fedoraproject debian netapp CWE-667
4.4
2023-04-24 CVE-2023-28484 NULL Pointer Dereference vulnerability in multiple products
In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault.
network
low complexity
xmlsoft debian CWE-476
6.5
2023-04-24 CVE-2023-29469 Double Free vulnerability in multiple products
An issue was discovered in libxml2 before 2.10.4.
network
low complexity
xmlsoft debian CWE-415
6.5
2023-04-24 CVE-2023-31084 An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2.
local
low complexity
linux fedoraproject debian netapp
5.5
2023-04-21 CVE-2023-1998 Information Exposure Through Discrepancy vulnerability in multiple products
The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp.
local
high complexity
linux debian CWE-203
5.6
2023-04-18 CVE-2023-26049 Information Exposure vulnerability in multiple products
Jetty is a java based web server and servlet engine.
network
low complexity
eclipse debian netapp CWE-200
5.3
2023-04-18 CVE-2023-28856 Reachable Assertion vulnerability in multiple products
Redis is an open source, in-memory database that persists on disk.
network
low complexity
redis debian fedoraproject CWE-617
6.5
2023-04-18 CVE-2023-21939 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing).
network
low complexity
oracle netapp debian
5.3
2023-04-18 CVE-2023-21954 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).
network
high complexity
oracle netapp debian
5.9
2023-04-18 CVE-2023-21967 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE).
network
high complexity
oracle netapp debian
5.9