Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2023-04-18 CVE-2023-30608 sqlparse is a non-validating SQL parser module for Python.
network
low complexity
sqlparse-project debian
7.5
2023-04-18 CVE-2023-21930 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE).
network
high complexity
oracle netapp debian
7.4
2023-04-14 CVE-2023-2033 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject couchbase CWE-843
8.8
2023-04-12 CVE-2023-1992 Resource Exhaustion vulnerability in multiple products
RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian fedoraproject CWE-400
7.5
2023-04-12 CVE-2023-1872 Use After Free vulnerability in multiple products
A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.
local
high complexity
linux debian CWE-416
7.0
2023-04-11 CVE-2023-1989 Use After Free vulnerability in multiple products
A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel.
local
high complexity
linux netapp debian CWE-416
7.0
2023-04-10 CVE-2023-1668 Always-Incorrect Control Flow Implementation vulnerability in multiple products
A flaw was found in openvswitch (OVS).
network
low complexity
cloudbase debian redhat CWE-670
8.2
2023-04-04 CVE-2023-1810 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-787
8.8
2023-04-04 CVE-2023-1811 Use After Free vulnerability in multiple products
Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2023-04-04 CVE-2023-1812 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-787
8.8