Vulnerabilities > Debian > Debian Linux > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDORS | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2023-10-09 | CVE-2023-45364 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products | An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. | network | low | mediawiki, debian | CWE-732 | 5.3 |
| 2023-10-05 | CVE-2023-42755 | Out-of-bounds Read vulnerability in multiple products | A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. | local | low | linux, redhat, debian | CWE-125 | 5.5 |
| 2023-09-28 | CVE-2023-42756 | Race Condition vulnerability in multiple products | A flaw was found in the Netfilter subsystem of the Linux kernel. | local | high | linux, redhat, debian, fedoraproject | CWE-362 | 4.7 |
| 2023-09-27 | CVE-2023-5169 | Out-of-bounds Write vulnerability in multiple products | A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. | network | low | mozilla, debian, fedoraproject | CWE-787 | 6.5 |
| 2023-09-27 | CVE-2023-5171 | Use After Free vulnerability in multiple products | During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. | network | low | mozilla, debian, fedoraproject | CWE-416 | 6.5 |
| 2023-09-22 | CVE-2023-43770 | Cross-site Scripting vulnerability in multiple products | Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior. | network | low | roundcube, debian | CWE-79 | 6.1 |
| 2023-09-15 | CVE-2023-41900 | Improper Authentication vulnerability in multiple products | Jetty is a Java based web server and servlet engine. | network | low | eclipse, debian | CWE-287 | 4.3 |
| 2023-09-15 | CVE-2023-40167 | Improper Handling of Length Parameter Inconsistency vulnerability in multiple products | Jetty is a Java based web server and servlet engine. | network | low | eclipse, debian | CWE-130 | 5.3 |
| 2023-09-15 | CVE-2023-36479 | Improper Neutralization of Quoting Syntax vulnerability in multiple products | Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. | network | low | eclipse, debian | CWE-149 | 4.3 |
| 2023-09-12 | CVE-2023-4900 | Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. | | network | low | google, fedoraproject, debian | | 4.3 |