Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-09 | CVE-2023-45364 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. | 5.3 |
2023-10-06 | CVE-2023-39928 | Use After Free vulnerability in multiple products A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. | 8.8 |
2023-10-05 | CVE-2023-42755 | Out-of-bounds Read vulnerability in multiple products A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. | 5.5 |
2023-10-04 | CVE-2023-43804 | Information Exposure vulnerability in multiple products urllib3 is a user-friendly HTTP client library for Python. | 8.1 |
2023-10-03 | CVE-2023-4911 | Out-of-bounds Write vulnerability in multiple products A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. | 7.8 |
2023-09-30 | CVE-2023-44488 | Improper Handling of Exceptional Conditions vulnerability in multiple products VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. | 7.5 |
2023-09-28 | CVE-2023-5186 | Use After Free vulnerability in multiple products Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. | 8.8 |
2023-09-28 | CVE-2023-5187 | Use After Free vulnerability in multiple products Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2023-09-28 | CVE-2023-5217 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2023-09-28 | CVE-2023-42756 | Race Condition vulnerability in multiple products A flaw was found in the Netfilter subsystem of the Linux kernel. | 4.7 |