fedoraproject

5,423 tracked vulnerabilities.

CVE-2021-29155 MEDIUM
Linux Kernel < 5.11.16 - Out-of-Bounds Read via BPF Verifier Pointer Arithmetic
Apr 20, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-20208 MEDIUM
cifs-utils < 6.13 - Unauthenticated Kerberos Credential Exposure via Container Mount
Apr 19, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-3505 MEDIUM
libtpms < 0.8.0 - Insufficient Entropy in RSA Key Generation
Apr 19, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-29458 MEDIUM
exiv2 < 0.27.4 - Out-of-bounds Read via Crafted Image File Metadata Write
Apr 19, 2021
CVSS 5.5
EPSS 0.02
CVE-2021-29457 HIGH
Exiv2 < 0.27.4 - Heap-based Buffer Overflow via Crafted Image File Metadata Write
Apr 19, 2021
CVSS 7.8
EPSS 0.02
CVE-2021-20288 HIGH
Ceph < 14.2.20 - Authentication Bypass via Key Reuse
Apr 15, 2021
CVSS 7.2
EPSS 0.02
CVE-2021-28484 HIGH
Yubico yubihsm-connector < 3.0.1 - Denial of Service via /api/connector Endpoint
Apr 14, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-29338 MEDIUM
OpenJPEG 2.4.0 - Denial of Service via Integer Overflow in -ImgDir Option
Apr 14, 2021
CVSS 5.5
EPSS 0.02
CVE-2021-27815 MEDIUM
exif < 0.6.22 - Denial of Service via Malicious JPEG File
Apr 14, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-22879 HIGH
Nextcloud Desktop Client <3.1.3 - Code Injection
Apr 14, 2021
CVSS 8.8
EPSS 0.05
CVE-2021-31162 CRITICAL
Rust 1.48.0-1.51.0 - Use-After-Free in Vec::from_iter
Apr 14, 2021
CVSS 9.8
EPSS 0.03
CVE-2021-21393 MEDIUM
Synapse 0.24.0-1.27.9 - Denial of Service via Third-Party Identifier Confirmation Endpoint
Apr 12, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-21392 MEDIUM
Synapse < 1.28.0 - Server-Side Request Forgery via Transitional IPv6 Address Handling
Apr 12, 2021
CVSS 6.3
EPSS 0.01
CVE-2021-21394 MEDIUM
Synapse 0.17.0-1.27.9 - Denial of Service via Third-Party Identifier Confirmation Endpoint
Apr 12, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-28879 CRITICAL
Rust < 1.52.0 - Integer Overflow in Zip Implementation
Apr 11, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-28878 HIGH
Rust < 1.52.0 - Memory Safety Violation via Zip Iterator next_back() and next()
Apr 11, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-28876 MEDIUM
Rust < 1.52.0 - Memory Safety Violation via Zip Iterator Panic
Apr 11, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-21199 HIGH
Google Chrome <89.0.4389.114 - Use After Free
Apr 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21198 HIGH
Google Chrome <89.0.4389.114 - Info Disclosure
Apr 09, 2021
CVSS 7.4
EPSS 0.02
CVE-2021-21197 HIGH
Google Chrome <89.0.4389.114 - Buffer Overflow
Apr 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21196 HIGH
Google Chrome <89.0.4389.114 - Buffer Overflow
Apr 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21195 HIGH
Google Chrome <89.0.4389.114 - Use After Free
Apr 09, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-21194 HIGH
Google Chrome <89.0.4389.114 - Use After Free
Apr 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-30159 MEDIUM
MediaWiki < 1.31.12 and 1.32.x-1.35.x < 1.35.2 - Unintended Page Deletion via Fast Double Move
Apr 09, 2021
CVSS 4.3
EPSS 0.02
CVE-2021-30156 MEDIUM
MediaWiki <1.35.2 - Info Disclosure
Apr 09, 2021
CVSS 4.3
EPSS 0.01