Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-21 CVE-2023-7024 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-787
8.8
2023-12-19 CVE-2023-6856 Out-of-bounds Write vulnerability in multiple products
The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver.
network
low complexity
mozilla debian CWE-787
8.8
2023-12-19 CVE-2023-6858 Out-of-bounds Write vulnerability in multiple products
Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling.
network
low complexity
mozilla debian CWE-787
8.8
2023-12-19 CVE-2023-6859 Use After Free vulnerability in multiple products
A use-after-free condition affected TLS socket creation when under memory pressure.
network
low complexity
mozilla debian CWE-416
8.8
2023-12-19 CVE-2023-6861 Out-of-bounds Write vulnerability in multiple products
The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode.
network
low complexity
mozilla debian CWE-787
8.8
2023-12-19 CVE-2023-6862 Use After Free vulnerability in multiple products
A use-after-free was identified in the `nsDNSService::Init`.
network
low complexity
mozilla debian CWE-416
8.8
2023-12-19 CVE-2023-6863 The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor.
network
low complexity
mozilla debian
8.8
2023-12-19 CVE-2023-6864 Out-of-bounds Write vulnerability in multiple products
Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5.
network
low complexity
mozilla debian CWE-787
8.8
2023-12-19 CVE-2023-6873 Out-of-bounds Write vulnerability in multiple products
Memory safety bugs present in Firefox 120.
network
low complexity
mozilla debian CWE-787
8.8
2023-12-19 CVE-2023-6931 Out-of-bounds Write vulnerability in multiple products
A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.
local
high complexity
linux debian CWE-787
7.0