fedoraproject
5,423 tracked vulnerabilities.
CVE-2021-29155
MEDIUM
Linux Kernel < 5.11.16 - Out-of-Bounds Read via BPF Verifier Pointer Arithmetic
Apr 20, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-20208
MEDIUM
cifs-utils < 6.13 - Unauthenticated Kerberos Credential Exposure via Container Mount
Apr 19, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-3505
MEDIUM
libtpms < 0.8.0 - Insufficient Entropy in RSA Key Generation
Apr 19, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-29458
MEDIUM
exiv2 < 0.27.4 - Out-of-bounds Read via Crafted Image File Metadata Write
Apr 19, 2021
CVSS 5.5
EPSS 0.02
CVE-2021-29457
HIGH
Exiv2 < 0.27.4 - Heap-based Buffer Overflow via Crafted Image File Metadata Write
Apr 19, 2021
CVSS 7.8
EPSS 0.02
CVE-2021-20288
HIGH
Ceph < 14.2.20 - Authentication Bypass via Key Reuse
Apr 15, 2021
CVSS 7.2
EPSS 0.02
CVE-2021-28484
HIGH
Yubico yubihsm-connector < 3.0.1 - Denial of Service via /api/connector Endpoint
Apr 14, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-29338
MEDIUM
OpenJPEG 2.4.0 - Denial of Service via Integer Overflow in -ImgDir Option
Apr 14, 2021
CVSS 5.5
EPSS 0.02
CVE-2021-27815
MEDIUM
exif < 0.6.22 - Denial of Service via Malicious JPEG File
Apr 14, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-22879
HIGH
Nextcloud Desktop Client <3.1.3 - Code Injection
Apr 14, 2021
CVSS 8.8
EPSS 0.05
CVE-2021-31162
CRITICAL
Rust 1.48.0-1.51.0 - Use-After-Free in Vec::from_iter
Apr 14, 2021
CVSS 9.8
EPSS 0.03
CVE-2021-21393
MEDIUM
Synapse 0.24.0-1.27.9 - Denial of Service via Third-Party Identifier Confirmation Endpoint
Apr 12, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-21392
MEDIUM
Synapse < 1.28.0 - Server-Side Request Forgery via Transitional IPv6 Address Handling
Apr 12, 2021
CVSS 6.3
EPSS 0.01
CVE-2021-21394
MEDIUM
Synapse 0.17.0-1.27.9 - Denial of Service via Third-Party Identifier Confirmation Endpoint
Apr 12, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-28879
CRITICAL
Rust < 1.52.0 - Integer Overflow in Zip Implementation
Apr 11, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-28878
HIGH
Rust < 1.52.0 - Memory Safety Violation via Zip Iterator next_back() and next()
Apr 11, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-28876
MEDIUM
Rust < 1.52.0 - Memory Safety Violation via Zip Iterator Panic
Apr 11, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-21199
HIGH
Google Chrome <89.0.4389.114 - Use After Free
Apr 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21198
HIGH
Google Chrome <89.0.4389.114 - Info Disclosure
Apr 09, 2021
CVSS 7.4
EPSS 0.02
CVE-2021-21197
HIGH
Google Chrome <89.0.4389.114 - Buffer Overflow
Apr 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21196
HIGH
Google Chrome <89.0.4389.114 - Buffer Overflow
Apr 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21195
HIGH
Google Chrome <89.0.4389.114 - Use After Free
Apr 09, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-21194
HIGH
Google Chrome <89.0.4389.114 - Use After Free
Apr 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-30159
MEDIUM
MediaWiki < 1.31.12 and 1.32.x-1.35.x < 1.35.2 - Unintended Page Deletion via Fast Double Move
Apr 09, 2021
CVSS 4.3
EPSS 0.02
CVE-2021-30156
MEDIUM
MediaWiki <1.35.2 - Info Disclosure
Apr 09, 2021
CVSS 4.3
EPSS 0.01
Products
fedora 5,353
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 19
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1
Quick Filters