|
101
|
7.5
-
|
HIGH
Network
|
A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive informat…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2023-6478
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:43
2023-12-13
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
102
|
7.8
-
|
HIGH
Local
|
A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege …
|
CWE-125
Out-of-bounds Read
|
CVE-2023-6377
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:43
2023-12-13
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
103
|
5.5
-
|
MEDIUM
Local
|
The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processi…
|
NVD-CWE-noinfo
|
CVE-2023-42883
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 17:23
2023-12-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
104
|
8.8
-
|
HIGH
Network
|
Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning.
In affected versions LibreOffice supports hyperlinks wi…
|
CWE-281
Improper Preservation of Permissions
|
CVE-2023-6186
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 17:43
2023-12-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
105
|
8.8
-
|
HIGH
Network
|
Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins.
In affected versions the filename o…
|
NVD-CWE-noinfo
|
CVE-2023-6185
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 17:43
2023-12-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
106
|
6.3
-
|
MEDIUM
Adjacent
|
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting inject…
|
CWE-287
Improper Authentication
|
CVE-2023-45866
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:27
2023-12-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
107
|
6.5
-
|
MEDIUM
Network
|
Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML …
|
NVD-CWE-noinfo
|
CVE-2023-6512
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 17:44
2023-12-6
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
108
|
4.3
-
|
MEDIUM
Network
|
Inappropriate implementation in Autofill in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
|
NVD-CWE-noinfo
|
CVE-2023-6511
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 17:44
2023-12-6
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
109
|
8.8
-
|
HIGH
Network
|
Use after free in Media Capture in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via …
|
CWE-416
Use After Free
|
CVE-2023-6510
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 17:44
2023-12-6
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
110
|
8.8
-
|
HIGH
Network
|
Use after free in Side Panel Search in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption …
|
CWE-416
Use After Free
|
CVE-2023-6509
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 17:43
2023-12-6
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|