Filtered by vendor Debian
Subscribe
Total
10211 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-1872 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-06-17 | N/A | 7.8 HIGH |
| A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8. | |||||
| CVE-2023-1855 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-06-17 | N/A | 6.3 MEDIUM |
| A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem. | |||||
| CVE-2023-1823 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 6.5 MEDIUM |
| Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2023-1822 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 6.5 MEDIUM |
| Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2023-1821 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 6.5 MEDIUM |
| Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2023-1820 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-1819 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 6.5 MEDIUM |
| Out of bounds read in Accessibility in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-1818 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Use after free in Vulkan in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-1817 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 6.5 MEDIUM |
| Insufficient policy enforcement in Intents in Google Chrome on Android prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-1816 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 6.5 MEDIUM |
| Incorrect security UI in Picture In Picture in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially perform navigation spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-1815 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Use after free in Networking APIs in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-1814 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 6.5 MEDIUM |
| Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass download checking via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-1813 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 6.5 MEDIUM |
| Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-1812 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-1811 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-1810 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-1668 | 3 Cloudbase, Debian, Redhat | 7 Open Vswitch, Debian Linux, Enterprise Linux and 4 more | 2026-06-17 | N/A | 8.2 HIGH |
| A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow. | |||||
| CVE-2023-1667 | 4 Debian, Fedoraproject, Libssh and 1 more | 4 Debian Linux, Fedora, Libssh and 1 more | 2026-06-17 | N/A | 6.5 MEDIUM |
| A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service. | |||||
| CVE-2023-1380 | 5 Canonical, Debian, Linux and 2 more | 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more | 2026-06-17 | N/A | 7.1 HIGH |
| A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service. | |||||
| CVE-2023-1161 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2026-06-17 | N/A | 6.3 MEDIUM |
| ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file | |||||
