fedoraproject

5,420 tracked vulnerabilities.

CVE-2026-35094 LOW
Libinput: libinput: information disclosure via dangling pointer in lua plugin handling
Apr 01, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-35093 HIGH
Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins
Apr 01, 2026
CVSS 8.8
EPSS 0.00
CVE-2024-3056 HIGH
Podman < 5.2.0 - Denial of Service via IPC Resource Exhaustion
Aug 02, 2024
CVSS 7.7
EPSS 0.00
CVE-2024-6293 HIGH
Google Chrome <126.0.6478.126 - Use After Free
Jun 24, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-6292 HIGH
Google Chrome <126.0.6478.126 - Use After Free
Jun 24, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-6291 HIGH
Google Chrome <126.0.6478.126 - Use After Free
Jun 24, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-6290 HIGH
Google Chrome <126.0.6478.126 - Use After Free
Jun 24, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-38277 MEDIUM
Moodle - Inadequate Key Generation for QR and Auto-Login
Jun 18, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-38276 HIGH
Product <Version - CSRF
Jun 18, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-38274 MEDIUM
Moodle - Stored XSS via Calendar Event Titles
Jun 18, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-38273 MEDIUM
Moodle 4.1.0-4.1.10 and 4.4.0-beta - Improper Access Control in BigBlueButton Join URL
Jun 18, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-5847 HIGH
Google Chrome < 126.0.6478.54 - Use-After-Free in PDFium via Crafted PDF File
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5846 HIGH
Google Chrome < 126.0.6478.54 - Use-After-Free in PDFium via Crafted PDF File
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5845 HIGH
Google Chrome < 126.0.6478.54 - Use-After-Free in Audio via Crafted PDF File
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5844 HIGH
Google Chrome < 126.0.6478.54 - Heap Buffer Overflow in Tab Strip
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5843 MEDIUM
Google Chrome < 126.0.6478.54 - Security UI Obfuscation via Malicious File Download
Jun 11, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5842 HIGH
Google Chrome < 126.0.6478.54 - Use-After-Free in Browser UI
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5841 HIGH
Google Chrome < 126.0.6478.54 - Use-After-Free in V8
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5840 MEDIUM
Google Chrome < 126.0.6478.54 - CORS Policy Bypass via Crafted HTML Page
Jun 11, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5839 MEDIUM
Google Chrome <126.0.6478.54 - Heap Corruption
Jun 11, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5838 HIGH
Google Chrome < 126.0.6478.54 - Type Confusion in V8 via Crafted HTML Page
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5837 HIGH
Google Chrome < 126.0.6478.54 - Type Confusion in V8 via Crafted HTML Page
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5836 HIGH
Google Chrome < 126.0.6478.54 - Arbitrary Code Execution via Malicious Extension in DevTools
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5835 HIGH
Google Chrome < 126.0.6478.54 - Heap-based Buffer Overflow in Tab Groups
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5834 HIGH
Google Chrome < 126.0.6478.54 - Remote Code Execution via Dawn Implementation
Jun 11, 2024
CVSS 8.8
EPSS 0.02
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV