Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-14 CVE-2023-30631 Improper Input Validation vulnerability in multiple products
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.  The configuration option proxy.config.http.push_method_enabled didn't function.  However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
network
low complexity
apache debian fedoraproject CWE-20
7.5
2023-06-13 CVE-2023-3214 Use After Free vulnerability in multiple products
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-06-13 CVE-2023-3215 Use After Free vulnerability in multiple products
Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-06-13 CVE-2023-3216 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-843
8.8
2023-06-13 CVE-2023-3217 Use After Free vulnerability in multiple products
Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-06-09 CVE-2023-3141 Use After Free vulnerability in multiple products
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel.
local
low complexity
linux netapp debian CWE-416
7.1
2023-06-06 CVE-2023-2603 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in libcap.
7.8
2023-06-05 CVE-2023-3079 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian couchbase CWE-843
8.8
2023-06-05 CVE-2023-3111 Use After Free vulnerability in multiple products
A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel.
local
low complexity
linux debian netapp CWE-416
7.8
2023-05-26 CVE-2023-32307 Heap-based Buffer Overflow vulnerability in multiple products
Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. Referring to [GHSA-8599-x7rq-fr54](https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8599-x7rq-fr54), several other potential heap-over-flow and integer-overflow in stun_parse_attr_error_code and stun_parse_attr_uint32 were found because the lack of attributes length check when Sofia-SIP handles STUN packets.
network
low complexity
signalwire debian CWE-122
7.5