Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-12 | CVE-2023-3618 | Classic Buffer Overflow vulnerability in multiple products A flaw was found in libtiff. | 6.5 |
| 2023-07-06 | CVE-2023-36823 | Cross-site Scripting vulnerability in multiple products Sanitize is an allowlist-based HTML and CSS sanitizer. | 6.1 |
| 2023-07-05 | CVE-2023-35936 | Improper Input Validation vulnerability in multiple products Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. | 5.0 |
| 2023-07-05 | CVE-2023-37207 | Unsafe Reflection vulnerability in multiple products A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. | 6.5 |
| 2023-06-30 | CVE-2023-3338 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. | 6.5 |
| 2023-06-23 | CVE-2023-3212 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. | 4.4 |
| 2023-06-08 | CVE-2023-34969 | D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. | 6.5 |
| 2023-06-07 | CVE-2023-0666 | Out-of-bounds Write vulnerability in multiple products Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. | 6.5 |
| 2023-06-07 | CVE-2023-0668 | Out-of-bounds Write vulnerability in multiple products Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. | 6.5 |
| 2023-06-06 | CVE-2023-33460 | Memory Leak vulnerability in multiple products There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. | 6.5 |