Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2023-08-07 CVE-2023-4147 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID.
local
low complexity
linux fedoraproject redhat debian CWE-416
7.8
2023-08-07 CVE-2023-4194 Incorrect Authorization vulnerability in multiple products
A flaw was found in the Linux kernel's TUN/TAP functionality.
local
low complexity
linux redhat fedoraproject debian CWE-863
5.5
2023-08-03 CVE-2023-3180 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req.
local
low complexity
qemu fedoraproject debian CWE-787
6.5
2023-08-03 CVE-2023-4132 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel.
local
low complexity
linux redhat fedoraproject debian CWE-416
5.5
2023-08-03 CVE-2023-4073 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-119
8.8
2023-08-01 CVE-2023-38559 Classic Buffer Overflow vulnerability in multiple products
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript.
local
low complexity
artifex redhat fedoraproject debian CWE-120
5.5
2023-08-01 CVE-2023-4055 When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state.
network
low complexity
mozilla debian
7.5
2023-08-01 CVE-2023-4056 Out-of-bounds Write vulnerability in multiple products
Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13.
network
low complexity
mozilla debian CWE-787
critical
9.8
2023-08-01 CVE-2023-4045 Origin Validation Error vulnerability in multiple products
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy.
network
low complexity
mozilla debian CWE-346
5.3
2023-08-01 CVE-2023-4046 In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis.
network
low complexity
mozilla debian
5.3