Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2023-04-24 CVE-2023-28484 NULL Pointer Dereference vulnerability in multiple products
In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault.
network
low complexity
xmlsoft debian CWE-476
6.5
6.5
2023-04-24 CVE-2023-29469 Double Free vulnerability in multiple products
An issue was discovered in libxml2 before 2.10.4.
network
low complexity
xmlsoft debian CWE-415
6.5
6.5
2023-04-24 CVE-2023-31084 An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2.
local
low complexity
linux fedoraproject debian netapp
5.5
5.5
2023-04-21 CVE-2023-1998 Information Exposure Through Discrepancy vulnerability in multiple products
The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp.
local
high complexity
linux debian CWE-203
5.6
5.6
2023-04-19 CVE-2023-2133 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-787
8.8
8.8
2023-04-19 CVE-2023-2134 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-787
8.8
8.8
2023-04-19 CVE-2023-2135 Use After Free vulnerability in multiple products
Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page.
network
high complexity
google debian fedoraproject CWE-416
7.5
7.5
2023-04-19 CVE-2023-2136 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-190
critical
 9.6
9.6
2023-04-19 CVE-2023-2137 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-787
8.8
8.8
2023-04-18 CVE-2023-30608 sqlparse is a non-validating SQL parser module for Python.
network
low complexity
sqlparse-project debian
7.5
7.5