fedoraproject

5,423 tracked vulnerabilities.

CVE-2021-28651 HIGH
Squid < 4.15 and 5.x < 5.0.6 - Denial of Service via URN Scheme Memory Leak
May 27, 2021
CVSS 7.5
EPSS 0.07
CVE-2021-30501 MEDIUM
UPX 4.0.0 - Denial of Service via Crafted File in MemBuffer::alloc()
May 27, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-30500 HIGH
UPX 4.0.0 - Null Pointer Dereference in PackLinuxElf::canUnpack()
May 27, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-30499 HIGH
libcaca - Buffer Overflow in export_troff Function
May 27, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-3561 HIGH
fig2dev 3.2.8a - Out-of-Bounds Write in read_objects()
May 26, 2021
CVSS 7.1
EPSS 0.01
CVE-2021-30498 HIGH
libcaca - Heap Buffer Overflow in export_tga Function
May 26, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-30471 MEDIUM
PoDoFo 0.9.7 - Stack Overflow via Uncontrolled Recursion in PdfNamesTree::AddToDictionary
May 26, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-30470 MEDIUM
PoDoFo 0.9.7 - Stack Overflow via Uncontrolled Recursion in PdfTokenizer
May 26, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-30469 MEDIUM
PoDoFo 0.9.7 - Use-After-Free in PdfVecObjects::Clear()
May 26, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-25217 HIGH
ISC DHCP <4.1-ESV-R16, 4.4.0-4.4.2 - Info Disclosure
May 26, 2021
CVSS 7.4
EPSS 0.06
CVE-2021-20297 MEDIUM
NetworkManager < 1.30.0 - Denial of Service via Profile Activation with match.path
May 26, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-33194 HIGH
golang.org/x/net <0.0.0-20210520170846-37e1c6afe023 - DoS
May 26, 2021
CVSS 7.5
EPSS 0.07
CVE-2021-20178 MEDIUM
Ansible < 2.9.18 - Credential Disclosure in Bitbucket Pipeline Variable Module Logs
May 26, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-22543 HIGH
Linux Kernel - Use-After-Free via KVM VM_IO|VM_PFNMAP Handling
May 26, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-31924 MEDIUM
Yubico pam-u2f < 1.1.1 - Local PIN Bypass via NULL PIN Submission
May 26, 2021
CVSS 6.8
EPSS 0.00
CVE-2021-33574 CRITICAL
GNU C Library <2.32-2.33 - Use After Free
May 25, 2021
CVSS 9.8
EPSS 0.03
CVE-2021-33477 HIGH
rxvt-unicode <9.22, rxvt <2.7.10, mrxvt <0.5.4, Eterm <0.9.7 - RCE
May 20, 2021
CVSS 8.8
EPSS 0.04
CVE-2021-3480 HIGH
slapi-nis < 0.56.7 - Unauthenticated Denial of Service via Binding DN Parsing
May 20, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-3426 MEDIUM
Python < 3.8.9, < 3.9.3, < 3.10.0a7 - Information Disclosure via pydoc Server
May 20, 2021
CVSS 5.7
EPSS 0.02
CVE-2021-20718 HIGH
mod_auth_openidc 2.4.0-2.4.7 - Denial of Service
May 20, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-3517 HIGH
libxml2 < 2.9.11 - Out-of-bounds Read in XML Entity Encoding
May 19, 2021
CVSS 8.6
EPSS 0.08
CVE-2021-3445 HIGH
libdnf < 0.60.1 - Remote Code Execution via Altered RPM Package Header
May 19, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-3421 MEDIUM
rpm < 4.17.0-alpha - RPM Database Corruption via Package Signature Verification Bypass
May 19, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-3531 MEDIUM
Red Hat Ceph Storage RGW <14.2.21 - DoS
May 18, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-3518 HIGH
libxml2 < 2.9.11 - Use-After-Free
May 18, 2021
CVSS 8.8
EPSS 0.04