Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2023-12-06 CVE-2023-6512 Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page.
network
low complexity
debian fedoraproject google
6.5
2023-12-04 CVE-2023-40462 Reachable Assertion vulnerability in multiple products
The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions.
network
low complexity
sierrawireless debian CWE-617
7.5
2023-11-30 CVE-2023-42916 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read was addressed with improved input validation.
network
low complexity
apple fedoraproject debian webkitgtk CWE-125
6.5
2023-11-30 CVE-2023-42917 Out-of-bounds Write vulnerability in multiple products
A memory corruption vulnerability was addressed with improved locking.
network
low complexity
apple debian fedoraproject webkitgtk CWE-787
8.8
2023-11-29 CVE-2023-6345 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file.
network
low complexity
google debian fedoraproject microsoft CWE-190
critical
9.6
2023-11-29 CVE-2023-6346 Use After Free vulnerability in multiple products
Use after free in WebAudio in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-11-29 CVE-2023-6347 Use After Free vulnerability in multiple products
Use after free in Mojo in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-11-29 CVE-2023-6348 Type Confusion vulnerability in multiple products
Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-843
8.8
2023-11-29 CVE-2023-6350 Use After Free vulnerability in multiple products
Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-11-29 CVE-2023-6351 Use After Free vulnerability in multiple products
Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file.
network
low complexity
google debian fedoraproject CWE-416
8.8