Filtered by vendor Debian
Subscribe
Total
8487 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40394 | 2 Debian, Gerbv Project | 2 Debian Linux, Gerbv | 2023-09-30 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-40393 | 2 Debian, Gerbv Project | 2 Debian Linux, Gerbv | 2023-09-30 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2023-2721 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 8.8 HIGH |
| Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | |||||
| CVE-2023-2724 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-2464 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-2461 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Chrome and 1 more | 2023-09-30 | N/A | 8.8 HIGH |
| Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to enage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium) | |||||
| CVE-2023-2467 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2023-09-30 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2023-2725 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 8.8 HIGH |
| Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-2136 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 9.6 CRITICAL |
| Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-2133 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 8.8 HIGH |
| Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-2468 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2023-2033 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-09-30 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-2137 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 8.8 HIGH |
| Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-2462 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-2726 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 8.8 HIGH |
| Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-2465 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in CORS in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-2466 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2023-2463 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2023-09-30 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-2460 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 7.1 HIGH |
| Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-2134 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 8.8 HIGH |
| Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||