Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2023-08-11 CVE-2023-3823 XXE vulnerability in multiple products
In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded.
network
low complexity
php fedoraproject debian CWE-611
7.5
7.5
2023-08-11 CVE-2023-3824 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In PHP version 8.0.* before 8.0.30,  8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
network
low complexity
php fedoraproject debian CWE-119
critical
 9.8
9.8
2023-08-11 CVE-2022-27635 Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel fedoraproject debian
6.7
6.7
2023-08-11 CVE-2022-36351 Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access.
low complexity
intel fedoraproject debian
6.5
6.5
2023-08-11 CVE-2022-38076 Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel fedoraproject debian
7.8
7.8
2023-08-11 CVE-2022-40964 Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel fedoraproject debian
6.7
6.7
2023-08-11 CVE-2022-40982 Information Exposure Through Discrepancy vulnerability in multiple products
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
redhat xen intel debian netapp CWE-203
6.5
6.5
2023-08-11 CVE-2022-41804 Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
debian fedoraproject intel
6.7
6.7
2023-08-11 CVE-2022-46329 Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel fedoraproject debian
6.7
6.7
2023-08-11 CVE-2023-23908 Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access.
local
low complexity
intel debian fedoraproject
4.4
4.4