Debian

Debian Linux

9947 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2023-5859

  • EPSS 0.67%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 21.11.2024 08:42:38

Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)

6.1

CVE-2023-5480

  • EPSS 0.23%
  • Veröffentlicht 01.11.2023 18:15:09
  • Zuletzt bearbeitet 21.11.2024 08:41:51

Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)

8.8

CVE-2023-5482

  • EPSS 13.86%
  • Veröffentlicht 01.11.2023 18:15:09
  • Zuletzt bearbeitet 30.04.2025 15:15:59

Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

9.8

CVE-2023-46604

Warnung Exploit
  • EPSS 94.44%
  • Veröffentlicht 27.10.2023 15:15:14
  • Zuletzt bearbeitet 04.11.2025 16:41:16

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating seria...

7

CVE-2023-34059

  • EPSS 0.09%
  • Veröffentlicht 27.10.2023 05:15:39
  • Zuletzt bearbeitet 06.03.2025 16:15:42

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.

7.5

CVE-2023-34058

  • EPSS 0.03%
  • Veröffentlicht 27.10.2023 05:15:38
  • Zuletzt bearbeitet 06.03.2025 16:15:41

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html  in a...

7.5

CVE-2023-46234

  • EPSS 0.47%
  • Veröffentlicht 26.10.2023 15:15:09
  • Zuletzt bearbeitet 10.04.2025 20:47:25

browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct sig...

7.8

CVE-2023-5367

  • EPSS 0.06%
  • Veröffentlicht 25.10.2023 20:15:18
  • Zuletzt bearbeitet 04.11.2025 20:17:13

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProp...

4.7

CVE-2023-5380

  • EPSS 0.08%
  • Veröffentlicht 25.10.2023 20:15:18
  • Zuletzt bearbeitet 04.11.2025 20:17:13

A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a wi...

6.5

CVE-2023-41983

  • EPSS 1.11%
  • Veröffentlicht 25.10.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:22:02

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service.