Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2024-02-20 CVE-2024-1550 Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant.
network
low complexity
mozilla debian CWE-1021
6.1
6.1
2024-02-20 CVE-2024-1552 Incorrect Conversion between Numeric Types vulnerability in multiple products
Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices.
network
low complexity
mozilla debian CWE-681
7.5
7.5
2024-02-20 CVE-2024-26581 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active.
local
low complexity
debian linux
7.8
7.8
2024-02-13 CVE-2024-24814 mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality.
network
low complexity
openidc debian fedoraproject
7.5
7.5
2024-02-11 CVE-2024-1151 Out-of-bounds Write vulnerability in multiple products
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel.
local
low complexity
debian redhat fedoraproject linux CWE-787
5.5
5.5
2024-02-11 CVE-2024-25714 Information Exposure Through Discrepancy vulnerability in multiple products
In Rhonabwy through 1.1.13, HMAC signature verification uses a strcmp function that is vulnerable to side-channel attacks, because it stops the comparison when the first difference is spotted in the two signatures.
network
low complexity
rhonabwy-project debian CWE-203
critical
 9.8
9.8
2024-02-07 CVE-2023-6356 A flaw was found in the Linux kernel's NVMe driver.
network
low complexity
redhat linux debian
7.5
7.5
2024-02-07 CVE-2023-6536 A flaw was found in the Linux kernel's NVMe driver.
network
low complexity
linux redhat debian
7.5
7.5
2024-02-05 CVE-2024-24857 Integer Overflow or Wraparound vulnerability in multiple products
A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function.
high complexity
debian linux CWE-190
6.8
6.8
2024-02-05 CVE-2024-24858 Race Condition vulnerability in multiple products
A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function.
high complexity
debian linux CWE-362
5.3
5.3