Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-6377
A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is inv...
Redhat Enterprise Linux Eus 9.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
X.org X Server
X.org Xwayland
Tigervnc Tigervnc -
7.5
CVSSv3
CVE-2023-6478
A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information.
X.org X Server
X.org Xwayland
Redhat Enterprise Linux Eus 9.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Tigervnc Tigervnc -
5.5
CVSSv3
CVE-2023-42883
The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processing an image may lead to a denial-of-service.
Apple Macos
Apple Safari
Apple Watchos
Apple Tvos
Apple Ipados
Apple Iphone Os
Debian Debian Linux 11.0
Debian Debian Linux 12.0
8.8
CVSSv3
CVE-2023-6185
Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an malicious user to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer en...
Libreoffice Libreoffice
Fedoraproject Fedora 38
Debian Debian Linux 11.0
Debian Debian Linux 12.0
8.8
CVSSv3
CVE-2023-6186
Insufficient macro permission validation of The Document Foundation LibreOffice allows an malicious user to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activ...
Libreoffice Libreoffice
Fedoraproject Fedora 38
Debian Debian Linux 11.0
Debian Debian Linux 12.0
6.3
CVSSv3
CVE-2023-45866
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to ...
Google Android 4.2.2
Google Android 6.0.1
Google Android 10.0
Google Android 11.0
Google Android 13.0
Google Android 14.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 23.10
Apple Iphone Os 16.6
Apple Macos 12.6.7
Apple Macos 13.3.3
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Apple Macos
Apple Iphone Os
Apple Ipad Os
Debian Debian Linux 10.0
4 Github repositories
1 Article
8.8
CVSSv3
CVE-2023-6508
Use after free in Media Stream in Google Chrome before 120.0.6099.62 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
8.8
CVSSv3
CVE-2023-6509
Use after free in Side Panel Search in Google Chrome before 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: High)
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Google Chrome
8.8
CVSSv3
CVE-2023-6510
Use after free in Media Capture in Google Chrome before 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Google Chrome
4.3
CVSSv3
CVE-2023-6511
Inappropriate implementation in Autofill in Google Chrome before 120.0.6099.62 allowed a remote malicious user to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Google Chrome
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »