Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-11-01 CVE-2023-5850 Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name.
network
low complexity
google debian fedoraproject
4.3
2023-11-01 CVE-2023-5851 Origin Validation Error vulnerability in multiple products
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-346
4.3
2023-11-01 CVE-2023-5853 Origin Validation Error vulnerability in multiple products
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-346
4.3
2023-11-01 CVE-2023-5858 Origin Validation Error vulnerability in multiple products
Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-346
4.3
2023-11-01 CVE-2023-5859 Origin Validation Error vulnerability in multiple products
Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page.
network
low complexity
google debian fedoraproject CWE-346
4.3
2023-10-25 CVE-2023-5380 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the xorg-x11-server.
local
high complexity
x-org redhat fedoraproject debian CWE-416
4.7
2023-10-25 CVE-2023-41983 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The issue was addressed with improved memory handling.
network
low complexity
apple fedoraproject debian CWE-119
6.5
2023-10-25 CVE-2023-46316 In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines.
local
low complexity
buc debian
5.5
2023-10-25 CVE-2023-5721 Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay.
network
low complexity
mozilla debian CWE-1021
4.3
2023-10-25 CVE-2023-5725 A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data.
network
low complexity
mozilla debian
4.3