Vulnerabilities (CVE)

Filtered by vendor Debian Subscribe
Total 10211 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-1872 2 Debian, Linux 2 Debian Linux, Linux Kernel 2026-06-17 N/A 7.8 HIGH
A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed function lacks the presence of ctx->uring_lock which can lead to a Use-After-Free vulnerability due a race condition with fixed files getting unregistered. We recommend upgrading past commit da24142b1ef9fd5d36b76e36bab328a5b27523e8.
CVE-2023-1855 2 Debian, Linux 2 Debian Linux, Linux Kernel 2026-06-17 N/A 6.3 MEDIUM
A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem.
CVE-2023-1823 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 6.5 MEDIUM
Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-1822 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 6.5 MEDIUM
Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-1821 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 6.5 MEDIUM
Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-1820 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 8.8 HIGH
Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-1819 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 6.5 MEDIUM
Out of bounds read in Accessibility in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-1818 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 8.8 HIGH
Use after free in Vulkan in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-1817 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 6.5 MEDIUM
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-1816 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 6.5 MEDIUM
Incorrect security UI in Picture In Picture in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially perform navigation spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-1815 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 8.8 HIGH
Use after free in Networking APIs in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-1814 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 6.5 MEDIUM
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass download checking via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-1813 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 6.5 MEDIUM
Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-1812 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 8.8 HIGH
Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-1811 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 8.8 HIGH
Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1810 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2026-06-17 N/A 8.8 HIGH
Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1668 3 Cloudbase, Debian, Redhat 7 Open Vswitch, Debian Linux, Enterprise Linux and 4 more 2026-06-17 N/A 8.2 HIGH
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.
CVE-2023-1667 4 Debian, Fedoraproject, Libssh and 1 more 4 Debian Linux, Fedora, Libssh and 1 more 2026-06-17 N/A 6.5 MEDIUM
A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.
CVE-2023-1380 5 Canonical, Debian, Linux and 2 more 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more 2026-06-17 N/A 7.1 HIGH
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.
CVE-2023-1161 2 Debian, Wireshark 2 Debian Linux, Wireshark 2026-06-17 N/A 6.3 MEDIUM
ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file