Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2023-11-29 CVE-2023-6347 Use After Free vulnerability in multiple products
Use after free in Mojo in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-11-29 CVE-2023-6348 Type Confusion vulnerability in multiple products
Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-843
8.8
2023-11-29 CVE-2023-6350 Use After Free vulnerability in multiple products
Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-11-29 CVE-2023-6351 Use After Free vulnerability in multiple products
Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-11-21 CVE-2023-6207 Use After Free vulnerability in multiple products
Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
network
low complexity
mozilla debian CWE-416
8.8
2023-11-21 CVE-2023-6208 When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard. *This bug only affects Firefox on X11.
network
low complexity
mozilla debian
8.8
2023-11-21 CVE-2023-6212 Out-of-bounds Write vulnerability in multiple products
Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.
network
low complexity
mozilla debian CWE-787
8.8
2023-11-15 CVE-2023-5997 Use After Free vulnerability in multiple products
Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2023-11-15 CVE-2023-6112 Use After Free vulnerability in multiple products
Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-11-14 CVE-2023-23583 Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.
local
low complexity
intel debian netapp
7.8