Vulnerabilities > Debian > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-04-19 CVE-2023-2136 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-190
critical
 9.6
9.6
2023-03-31 CVE-2023-28879 Out-of-bounds Write vulnerability in multiple products
In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c.
network
low complexity
artifex debian CWE-787
critical
 9.8
9.8
2023-03-28 CVE-2022-0194 Out-of-bounds Write vulnerability in multiple products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk.
network
low complexity
netatalk debian CWE-787
critical
 9.8
9.8
2023-03-28 CVE-2022-23121 Improper Handling of Exceptional Conditions vulnerability in multiple products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk.
network
low complexity
netatalk debian CWE-755
critical
 9.8
9.8
2023-03-28 CVE-2022-23122 Out-of-bounds Write vulnerability in multiple products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk.
network
low complexity
netatalk debian CWE-787
critical
 9.8
9.8
2023-03-28 CVE-2022-23123 Out-of-bounds Read vulnerability in multiple products
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk.
network
low complexity
netatalk debian CWE-125
critical
 9.8
9.8
2023-03-28 CVE-2022-23124 Out-of-bounds Read vulnerability in multiple products
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk.
network
low complexity
netatalk debian CWE-125
critical
 9.8
9.8
2023-03-28 CVE-2022-23125 Out-of-bounds Write vulnerability in multiple products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk.
network
low complexity
netatalk debian CWE-787
critical
 9.8
9.8
2023-02-28 CVE-2023-27372 SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled.
network
low complexity
spip debian
critical
 9.8
9.8
2023-02-20 CVE-2022-48337 OS Command Injection vulnerability in multiple products
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program.
network
low complexity
gnu debian CWE-78
critical
 9.8
9.8