Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2023-10-09 CVE-2023-45364 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1.
network
low complexity
mediawiki debian CWE-732
5.3
2023-10-06 CVE-2023-39928 Use After Free vulnerability in multiple products
A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5.
network
low complexity
webkitgtk debian fedoraproject CWE-416
8.8
2023-10-05 CVE-2023-42755 Out-of-bounds Read vulnerability in multiple products
A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel.
local
low complexity
linux redhat debian CWE-125
5.5
2023-10-04 CVE-2023-43804 Information Exposure vulnerability in multiple products
urllib3 is a user-friendly HTTP client library for Python.
network
low complexity
python debian fedoraproject CWE-200
8.1
2023-10-03 CVE-2023-4911 Out-of-bounds Write vulnerability in multiple products
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable.
7.8
2023-09-30 CVE-2023-44488 Improper Handling of Exceptional Conditions vulnerability in multiple products
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.
network
low complexity
webmproject redhat debian fedoraproject CWE-755
7.5
2023-09-28 CVE-2023-5186 Use After Free vulnerability in multiple products
Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-09-28 CVE-2023-5187 Use After Free vulnerability in multiple products
Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-09-28 CVE-2023-5217 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8
2023-09-28 CVE-2023-42756 Race Condition vulnerability in multiple products
A flaw was found in the Netfilter subsystem of the Linux kernel.
local
high complexity
linux redhat debian fedoraproject CWE-362
4.7