fedoraproject

5,423 tracked vulnerabilities.

CVE-2026-12610 MEDIUM
Sssd: use-after-free crash in sssd' 'sssd_pam' process
Jun 30, 2026
CVSS 6.4
EPSS 0.00
CVE-2026-54231 MEDIUM
Abrt: unsanitized systemd journal content written to dump directory files enables content injection
Jun 13, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-54230 HIGH
Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites
Jun 13, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-35094 LOW
Libinput: libinput: information disclosure via dangling pointer in lua plugin handling
Apr 01, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-35093 HIGH
Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins
Apr 01, 2026
CVSS 8.8
EPSS 0.00
CVE-2024-3056 HIGH
Podman < 5.2.0 - Denial of Service via IPC Resource Exhaustion
Aug 02, 2024
CVSS 7.7
EPSS 0.01
CVE-2024-6293 HIGH
Google Chrome <126.0.6478.126 - Use After Free
Jun 24, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-6292 HIGH
Google Chrome <126.0.6478.126 - Use After Free
Jun 24, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-6291 HIGH
Google Chrome <126.0.6478.126 - Use After Free
Jun 24, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-6290 HIGH
Google Chrome <126.0.6478.126 - Use After Free
Jun 24, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-38277 MEDIUM
Moodle - Inadequate Key Generation for QR and Auto-Login
Jun 18, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-38276 HIGH
Product <Version - CSRF
Jun 18, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-38274 MEDIUM
Moodle - Stored XSS via Calendar Event Titles
Jun 18, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-38273 MEDIUM
Moodle 4.1.0-4.1.10 and 4.4.0-beta - Improper Access Control in BigBlueButton Join URL
Jun 18, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-5847 HIGH
Google Chrome < 126.0.6478.54 - Use-After-Free in PDFium via Crafted PDF File
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5846 HIGH
Google Chrome < 126.0.6478.54 - Use-After-Free in PDFium via Crafted PDF File
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5845 HIGH
Google Chrome < 126.0.6478.54 - Use-After-Free in Audio via Crafted PDF File
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5844 HIGH
Google Chrome < 126.0.6478.54 - Heap Buffer Overflow in Tab Strip
Jun 11, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-5843 MEDIUM
Google Chrome < 126.0.6478.54 - Security UI Obfuscation via Malicious File Download
Jun 11, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5842 HIGH
Google Chrome < 126.0.6478.54 - Use-After-Free in Browser UI
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5841 HIGH
Google Chrome < 126.0.6478.54 - Use-After-Free in V8
Jun 11, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-5840 MEDIUM
Google Chrome < 126.0.6478.54 - CORS Policy Bypass via Crafted HTML Page
Jun 11, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5839 MEDIUM
Google Chrome <126.0.6478.54 - Heap Corruption
Jun 11, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5838 HIGH
Google Chrome < 126.0.6478.54 - Type Confusion in V8 via Crafted HTML Page
Jun 11, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-5837 HIGH
Google Chrome < 126.0.6478.54 - Type Confusion in V8 via Crafted HTML Page
Jun 11, 2024
CVSS 8.8
EPSS 0.01