Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2023-06-05 CVE-2023-3079 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian couchbase CWE-843
8.8
2023-06-05 CVE-2023-3111 Use After Free vulnerability in multiple products
A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel.
local
low complexity
linux debian netapp CWE-416
7.8
2023-06-01 CVE-2023-32324 Out-of-bounds Write vulnerability in multiple products
OpenPrinting CUPS is an open source printing system.
local
low complexity
openprinting debian CWE-787
5.5
2023-05-31 CVE-2023-34256 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.3.
local
low complexity
linux suse debian CWE-125
5.5
2023-05-30 CVE-2023-2952 Infinite Loop vulnerability in multiple products
XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian CWE-835
6.5
2023-05-30 CVE-2023-2650 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit.
network
low complexity
openssl debian CWE-770
6.5
2023-05-26 CVE-2023-32307 Heap-based Buffer Overflow vulnerability in multiple products
Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check when Sofia-SIP handles STUN packets.
network
low complexity
signalwire debian CWE-122
7.5
2023-05-26 CVE-2023-2898 NULL Pointer Dereference vulnerability in multiple products
There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel.
local
high complexity
linux debian netapp CWE-476
4.7
2023-05-26 CVE-2023-28321 Improper Certificate Validation vulnerability in multiple products
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates.
network
high complexity
haxx debian fedoraproject netapp apple CWE-295
5.9
2023-05-26 CVE-2023-2854 Out-of-bounds Write vulnerability in multiple products
BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
network
low complexity
wireshark debian CWE-787
6.5