VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Debian
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-10-11
CVE-2023-5486
Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google
debian
4.3
4.3
2023-10-11
CVE-2023-44981
Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper.
network
low complexity
apache
debian
critical
9.1
9.1
2023-10-10
CVE-2023-45648
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers.
network
low complexity
apache
debian
5.3
5.3
2023-10-10
CVE-2023-42795
Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could cause Tomcat to skip some parts of the recycling process leading to information leaking from the current request/response to the next. Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.
network
low complexity
apache
debian
5.3
5.3
2023-10-10
CVE-2023-36478
Eclipse Jetty provides a web server and servlet container.
network
low complexity
eclipse
jenkins
debian
7.5
7.5
2023-10-10
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
network
low complexity
ietf
nghttp2
netty
envoyproxy
eclipse
caddyserver
golang
f5
apache
apple
grpc
microsoft
nodejs
dena
facebook
amazon
debian
kazu-yamamoto
istio
varnish-cache-project
traefik
projectcontour
linkerd
linecorp
redhat
fedoraproject
netapp
akka
konghq
jenkins
openresty
cisco
7.5
7.5
2023-10-09
CVE-2023-43641
libcue provides an API for parsing and extracting data from CUE sheets.
network
low complexity
lipnitsk
fedoraproject
debian
8.8
8.8
2023-10-09
CVE-2023-45363
Infinite Loop vulnerability in multiple products
An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1.
network
low complexity
mediawiki
debian
CWE-835
7.5
7.5
2023-10-09
CVE-2023-45364
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1.
network
low complexity
mediawiki
debian
CWE-732
5.3
5.3
2023-10-06
CVE-2023-39928
Use After Free vulnerability in multiple products
A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5.
network
low complexity
webkitgtk
debian
fedoraproject
CWE-416
8.8
8.8
«
Previous
1
2
...
15
16
17
(current)
18
19
...
758
759
»
Next