Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-11 CVE-2023-5218 Use After Free vulnerability in multiple products
Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
2023-10-11 CVE-2023-5474 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google debian CWE-787
8.8
2023-10-11 CVE-2023-5476 Use After Free vulnerability in multiple products
Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian CWE-416
8.8
2023-10-10 CVE-2023-36478 Resource Exhaustion vulnerability in multiple products
Eclipse Jetty provides a web server and servlet container.
network
low complexity
eclipse jenkins debian CWE-400
7.5
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. 7.5
2023-10-09 CVE-2023-43641 Out-of-bounds Write vulnerability in multiple products
libcue provides an API for parsing and extracting data from CUE sheets.
network
low complexity
lipnitsk fedoraproject debian CWE-787
8.8
2023-10-09 CVE-2023-45363 Infinite Loop vulnerability in multiple products
An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1.
network
low complexity
mediawiki debian CWE-835
7.5
2023-10-06 CVE-2023-39928 Use After Free vulnerability in multiple products
A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5.
network
low complexity
webkitgtk debian fedoraproject CWE-416
8.8
2023-10-04 CVE-2023-43804 Information Exposure vulnerability in multiple products
urllib3 is a user-friendly HTTP client library for Python.
network
low complexity
python debian fedoraproject CWE-200
8.1
2023-10-03 CVE-2023-4911 Out-of-bounds Write vulnerability in multiple products
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable.
7.8