|
191
|
5.3
-
|
MEDIUM
Network
|
An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. Deleted revision existence is leaked due to incorrect permissions being…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2023-45364
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 17:26
2023-10-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
192
|
8.8
-
|
HIGH
Network
|
A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitra…
|
CWE-416
Use After Free
|
CVE-2023-39928
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 17:16
2023-10-7
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
193
|
5.5
-
|
MEDIUM
Local
|
A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `r…
|
CWE-125
Out-of-bounds Read
|
CVE-2023-42755
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:23
2023-10-6
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194
|
8.1
-
|
HIGH
Network
|
urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of …
|
-
|
CVE-2023-43804
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:24
2023-10-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195
|
7.8
-
|
HIGH
Local
|
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously craft…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-4911
|
cpe:2.3:o:debian:debian_linux:13.0:* cpe:2.3:o:debian:debian_linux:12.0:*
|
|
|
|
|
2024-11-21 17:36
2023-10-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196
|
7.5
-
|
HIGH
Network
|
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2023-44488
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:25
2023-10-1
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197
|
8.8
-
|
HIGH
Network
|
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Ch…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-5217
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:41
2023-09-29
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198
|
8.8
-
|
HIGH
Network
|
Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HT…
|
CWE-416
Use After Free
|
CVE-2023-5187
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 17:41
2023-09-29
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199
|
8.8
-
|
HIGH
Network
|
Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via cra…
|
CWE-416
Use After Free
|
CVE-2023-5186
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 17:41
2023-09-29
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200
|
4.7
-
|
MEDIUM
Local
|
A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wron…
|
CWE-362
Race Condition
|
CVE-2023-42756
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:23
2023-09-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|