Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-13 CVE-2023-3217 Use After Free vulnerability in multiple products
Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-06-09 CVE-2023-3141 Use After Free vulnerability in multiple products
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel.
local
low complexity
linux netapp debian CWE-416
7.1
2023-06-06 CVE-2023-2603 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in libcap.
7.8
2023-06-05 CVE-2023-3079 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian couchbase CWE-843
8.8
2023-06-05 CVE-2023-3111 Use After Free vulnerability in multiple products
A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel.
local
low complexity
linux debian netapp CWE-416
7.8
2023-05-26 CVE-2023-32307 Heap-based Buffer Overflow vulnerability in multiple products
Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check when Sofia-SIP handles STUN packets.
network
low complexity
signalwire debian CWE-122
7.5
2023-05-26 CVE-2023-2879 Infinite Loop vulnerability in multiple products
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian CWE-835
7.5
2023-05-25 CVE-2023-32067 c-ares is an asynchronous resolver library.
network
low complexity
c-ares-project fedoraproject debian
7.5
2023-05-25 CVE-2023-0950 Improper Validation of Array Index vulnerability in multiple products
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded.
local
low complexity
libreoffice debian CWE-129
7.8
2023-05-22 CVE-2023-28709 Off-by-one Error vulnerability in multiple products
The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87.
network
low complexity
apache debian netapp CWE-193
7.5