Debian

Debian Linux

9979 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-5857

  • EPSS 1.25%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 21.11.2024 08:42:38

Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium)

4.3

CVE-2023-5858

  • EPSS 0.71%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 12.06.2025 15:15:35

Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

4.3

CVE-2023-5859

  • EPSS 0.67%
  • Veröffentlicht 01.11.2023 18:15:10
  • Zuletzt bearbeitet 21.11.2024 08:42:38

Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)

6.1

CVE-2023-5480

  • EPSS 0.23%
  • Veröffentlicht 01.11.2023 18:15:09
  • Zuletzt bearbeitet 21.11.2024 08:41:51

Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)

8.8

CVE-2023-5482

  • EPSS 14.8%
  • Veröffentlicht 01.11.2023 18:15:09
  • Zuletzt bearbeitet 30.04.2025 15:15:59

Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

9.8

CVE-2023-46604

Warnung Medienbericht Exploit
  • EPSS 94.44%
  • Veröffentlicht 27.10.2023 15:15:14
  • Zuletzt bearbeitet 04.11.2025 16:41:16

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating seria...

7

CVE-2023-34059

  • EPSS 0.08%
  • Veröffentlicht 27.10.2023 05:15:39
  • Zuletzt bearbeitet 06.03.2025 16:15:42

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.

7.5

CVE-2023-34058

  • EPSS 0.04%
  • Veröffentlicht 27.10.2023 05:15:38
  • Zuletzt bearbeitet 06.03.2025 16:15:41

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html  in a...

7.5

CVE-2023-46234

  • EPSS 0.47%
  • Veröffentlicht 26.10.2023 15:15:09
  • Zuletzt bearbeitet 10.04.2025 20:47:25

browserify-sign is a package to duplicate the functionality of node's crypto public key functions, much of this is based on Fedor Indutny's work on indutny/tls.js. An upper bound check issue in `dsaVerify` function allows an attacker to construct sig...

7.8

CVE-2023-5367

  • EPSS 0.06%
  • Veröffentlicht 25.10.2023 20:15:18
  • Zuletzt bearbeitet 04.11.2025 20:17:13

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProp...