Shodan
Vulnerabilities
Vulnerable Software
Debian:  >> Debian Linux  Security Vulnerabilities
CVE-2023-4903
Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
4.3
EPSS Score
0.002
Published
2023-09-12
CVE-2023-4904
Insufficient policy enforcement in Downloads in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download. (Chromium security severity: Medium)
CVSS Score
4.3
EPSS Score
0.0
Published
2023-09-12
CVE-2023-4905
Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
4.3
EPSS Score
0.002
Published
2023-09-12
CVE-2023-4906
Insufficient policy enforcement in Autofill in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
CVSS Score
4.3
EPSS Score
0.0
Published
2023-09-12
CVE-2023-4907
Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)
CVSS Score
4.3
EPSS Score
0.002
Published
2023-09-12
CVE-2023-4921
A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue(). We recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-09-12
CVE-2023-4863
Known exploited
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
CVSS Score
8.8
EPSS Score
0.94
Published
2023-09-12
CVE-2023-41915
OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.
CVSS Score
8.1
EPSS Score
0.01
Published
2023-09-09
CVE-2023-4875
Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12
CVSS Score
2.2
EPSS Score
0.0
Published
2023-09-09
CVE-2023-4874
Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2 <2.2.12
CVSS Score
4.3
EPSS Score
0.001
Published
2023-09-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved