Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2023-08-14 CVE-2023-40283 Use After Free vulnerability in multiple products
An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10.
local
low complexity
linux debian canonical CWE-416
7.8
7.8
2023-08-11 CVE-2023-39534 eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group.
network
low complexity
eprosima debian
7.5
7.5
2023-08-11 CVE-2023-39945 eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group.
network
low complexity
eprosima debian
7.5
7.5
2023-08-11 CVE-2023-39946 Out-of-bounds Write vulnerability in multiple products
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group.
network
low complexity
eprosima debian CWE-787
7.5
7.5
2023-08-11 CVE-2023-39947 Out-of-bounds Write vulnerability in multiple products
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group.
network
low complexity
eprosima debian CWE-787
7.5
7.5
2023-08-11 CVE-2023-39948 eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group.
network
low complexity
eprosima debian
7.5
7.5
2023-08-11 CVE-2023-39949 eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group.
network
low complexity
eprosima debian
7.5
7.5
2023-08-11 CVE-2023-39417 SQL Injection vulnerability in multiple products
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or "").
network
low complexity
postgresql redhat debian CWE-89
8.8
8.8
2023-08-11 CVE-2023-39418 Insufficient Granularity of Access Control vulnerability in multiple products
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT.
network
low complexity
postgresql redhat debian CWE-1220
4.3
4.3
2023-08-11 CVE-2023-3823 XXE vulnerability in multiple products
In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded.
network
low complexity
php fedoraproject debian CWE-611
7.5
7.5