CVE-2023-6206
- EPSS 0.43%
- Published 21.11.2023 15:15:07
- Last modified 21.11.2024 08:43:22
The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about t...
CVE-2023-6207
- EPSS 0.41%
- Published 21.11.2023 15:15:07
- Last modified 21.11.2024 08:43:22
Ownership mismanagement led to a use-after-free in ReadableByteStreams. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.
CVE-2023-6208
- EPSS 0.37%
- Published 21.11.2023 15:15:07
- Last modified 21.11.2024 08:43:22
When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard. *This bug only affects Firefox on X11. Other systems are unaffected.* This vulnerabilit...
CVE-2023-6209
- EPSS 0.38%
- Published 21.11.2023 15:15:07
- Last modified 21.11.2024 08:43:22
Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox ...
CVE-2023-6174
- EPSS 0.13%
- Published 16.11.2023 12:15:07
- Last modified 21.11.2024 08:43:17
SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file
CVE-2023-5997
- EPSS 0.75%
- Published 15.11.2023 18:15:06
- Last modified 21.11.2024 08:42:56
Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-6112
- EPSS 28.2%
- Published 15.11.2023 18:15:06
- Last modified 21.11.2024 08:43:09
Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-23583
- EPSS 0.26%
- Published 14.11.2023 19:15:18
- Last modified 07.01.2025 22:15:28
Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access.
CVE-2023-46849
- EPSS 0.48%
- Published 11.11.2023 01:15:07
- Last modified 11.06.2025 15:15:26
Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
CVE-2023-46850
- EPSS 3.73%
- Published 11.11.2023 01:15:07
- Last modified 21.11.2024 08:29:25
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavior, leaking memory buffers or remote execution when sending network buffers to a remote peer.