High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-09	CVE-2023-45363	Infinite Loop vulnerability in multiple products An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. network low complexity mediawiki debian CWE-835	7.5
2023-10-06	CVE-2023-39928	Use After Free vulnerability in multiple products A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. network low complexity webkitgtk debian fedoraproject CWE-416	8.8
2023-10-04	CVE-2023-43804	Information Exposure vulnerability in multiple products urllib3 is a user-friendly HTTP client library for Python. network low complexity python debian fedoraproject CWE-200	8.1
2023-10-03	CVE-2023-4911	Out-of-bounds Write vulnerability in multiple products A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. local low complexity gnu fedoraproject redhat debian canonical CWE-787	7.8
2023-09-30	CVE-2023-44488	Improper Handling of Exceptional Conditions vulnerability in multiple products VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. network low complexity webmproject redhat debian fedoraproject CWE-755	7.5
2023-09-28	CVE-2023-5186	Use After Free vulnerability in multiple products Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. network low complexity google debian fedoraproject CWE-416	8.8
2023-09-28	CVE-2023-5187	Use After Free vulnerability in multiple products Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject CWE-416	8.8
2023-09-28	CVE-2023-5217	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity webmproject microsoft mozilla fedoraproject debian apple CWE-787	8.8
2023-09-27	CVE-2023-41074	The issue was addressed with improved checks. network low complexity apple debian fedoraproject	8.8
2023-09-25	CVE-2023-42753	Out-of-bounds Write vulnerability in multiple products An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. local low complexity linux redhat debian CWE-787	7.8