Debian

Debian Linux

9142 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-35788

Exploit
  • EPSS 0.01%
  • Veröffentlicht 16.06.2023 21:15:09
  • Zuletzt bearbeitet 05.05.2025 16:15:41

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service o...

7.1

CVE-2023-3268

  • EPSS 0.01%
  • Veröffentlicht 16.06.2023 19:15:14
  • Zuletzt bearbeitet 11.03.2025 15:15:39

An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.

7.5

CVE-2023-30631

  • EPSS 0.54%
  • Veröffentlicht 14.06.2023 08:15:09
  • Zuletzt bearbeitet 13.02.2025 17:16:25

Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.  The configuration option proxy.config.http.push_method_enabled didn't function.  However, by default the PUSH method is blocked in the ip_allow configuratio...

7.5

CVE-2022-47184

  • EPSS 0.21%
  • Veröffentlicht 14.06.2023 08:15:08
  • Zuletzt bearbeitet 13.02.2025 17:15:48

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to 9.2.0.

8.8

CVE-2023-3214

  • EPSS 1.52%
  • Veröffentlicht 13.06.2023 18:15:22
  • Zuletzt bearbeitet 05.05.2025 16:15:44

Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

8.8

CVE-2023-3215

  • EPSS 19.98%
  • Veröffentlicht 13.06.2023 18:15:22
  • Zuletzt bearbeitet 05.05.2025 16:15:44

Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-3216

  • EPSS 0.76%
  • Veröffentlicht 13.06.2023 18:15:22
  • Zuletzt bearbeitet 05.05.2025 16:15:44

Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-3217

  • EPSS 16.59%
  • Veröffentlicht 13.06.2023 18:15:22
  • Zuletzt bearbeitet 05.05.2025 16:15:44

Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

3.9

CVE-2023-20867

Warnung
  • EPSS 0.98%
  • Veröffentlicht 13.06.2023 17:15:14
  • Zuletzt bearbeitet 10.03.2025 20:43:28

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

7.1

CVE-2023-3141

  • EPSS 0.01%
  • Veröffentlicht 09.06.2023 20:15:10
  • Zuletzt bearbeitet 11.03.2025 15:15:38

A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.