Vulnerabilities > Debian > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-09-27 CVE-2023-5176 Out-of-bounds Write vulnerability in multiple products
Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2.
network
low complexity
mozilla debian CWE-787
critical
9.8
2023-09-20 CVE-2023-42464 Type Confusion vulnerability in multiple products
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17.
network
low complexity
netatalk debian CWE-843
critical
9.8
2023-09-20 CVE-2019-19450 XML Injection (aka Blind XPath Injection) vulnerability in multiple products
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626.
network
low complexity
reportlab debian CWE-91
critical
9.8
2023-08-31 CVE-2023-40181 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject
critical
9.1
2023-08-31 CVE-2023-40186 Integer Overflow or Wraparound vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject CWE-190
critical
9.8
2023-08-31 CVE-2023-40188 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject
critical
9.1
2023-08-31 CVE-2023-40567 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject
critical
9.8
2023-08-31 CVE-2023-40569 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject
critical
9.8
2023-08-31 CVE-2023-39352 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject
critical
9.8
2023-08-31 CVE-2023-39353 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license.
network
low complexity
freerdp debian fedoraproject
critical
9.1