Debian

Debian Linux

9141 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-4569

  • EPSS 0.01%
  • Published 28.08.2023 22:15:10
  • Last modified 21.11.2024 08:35:26

A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak.

8.8

CVE-2020-24165

  • EPSS 0.45%
  • Published 28.08.2023 21:15:07
  • Last modified 21.11.2024 05:14:27

An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service (DoS). Note: This is disputed as a bug and not a valid security issue by multiple third par...

6.1

CVE-2023-41080

  • EPSS 11.34%
  • Published 25.08.2023 21:15:09
  • Last modified 07.08.2025 11:15:27

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from ...

5.4

CVE-2023-40577

  • EPSS 1.99%
  • Published 25.08.2023 01:15:09
  • Last modified 21.11.2024 08:19:45

Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Promethe...

8.1

CVE-2023-4428

  • EPSS 8.92%
  • Published 23.08.2023 00:15:09
  • Last modified 01.07.2025 14:15:30

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-4429

  • EPSS 0.47%
  • Published 23.08.2023 00:15:09
  • Last modified 21.11.2024 08:35:07

Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-4430

  • EPSS 13.15%
  • Published 23.08.2023 00:15:09
  • Last modified 21.11.2024 08:35:08

Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.1

CVE-2023-4431

  • EPSS 0.15%
  • Published 23.08.2023 00:15:09
  • Last modified 21.11.2024 08:35:08

Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

9.8

CVE-2022-48565

Exploit
  • EPSS 4.12%
  • Published 22.08.2023 19:16:32
  • Last modified 21.11.2024 07:33:30

An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.

5.9

CVE-2022-48566

Exploit
  • EPSS 0.06%
  • Published 22.08.2023 19:16:32
  • Last modified 21.11.2024 07:33:31

An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.