Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2023-05-26 CVE-2023-2879 Infinite Loop vulnerability in multiple products
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian CWE-835
7.5
2023-05-25 CVE-2023-32067 c-ares is an asynchronous resolver library.
network
low complexity
c-ares-project fedoraproject debian
7.5
2023-05-25 CVE-2023-0950 Improper Validation of Array Index vulnerability in multiple products
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded.
local
low complexity
libreoffice debian CWE-129
7.8
2023-05-22 CVE-2023-28709 Off-by-one Error vulnerability in multiple products
The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87.
network
low complexity
apache debian netapp CWE-193
7.5
2023-05-18 CVE-2023-33204 Integer Overflow or Wraparound vulnerability in multiple products
sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c.
7.8
2023-05-17 CVE-2023-24805 OS Command Injection vulnerability in multiple products
cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos.
network
low complexity
linuxfoundation fedoraproject debian CWE-78
8.8
2023-05-16 CVE-2023-2721 Use After Free vulnerability in multiple products
Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-05-16 CVE-2023-2722 Use After Free vulnerability in multiple products
Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-05-16 CVE-2023-2723 Use After Free vulnerability in multiple products
Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-05-16 CVE-2023-2724 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-843
8.8