fedoraproject

5,423 tracked vulnerabilities.

CVE-2021-22876 MEDIUM
libcurl 7.1.1-7.75.0 - Credential Leak via HTTP Referer Header
Apr 01, 2021
CVSS 5.3
EPSS 0.05
CVE-2021-20291 MEDIUM
containers/storage < 1.28.1 - Denial of Service via Malicious Tar Archive Processing
Apr 01, 2021
CVSS 6.5
EPSS 0.02
CVE-2021-28163 LOW
NetApp Cloud Manager - Exposure of Sensitive Information via Symlink Webapps Directory
Apr 01, 2021
CVSS 2.7
EPSS 0.04
CVE-2021-29650 MEDIUM
Linux Kernel < 5.11.11 - Denial of Service via Netfilter Table Assignment
Mar 30, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-29649 MEDIUM
Linux Kernel < 5.11.11 - Use-After-Free in User Mode Driver
Mar 30, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-29648 MEDIUM
Linux Kernel < 5.11.11 - Denial of Service via Uninitialized BTF Data Access
Mar 30, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-29647 MEDIUM
Linux kernel <5.11.11 - Info Disclosure
Mar 30, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-29646 MEDIUM
Linux kernel <5.11.11 - Info Disclosure
Mar 30, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-23358 LOW
underscore 1.3.2-1.12.1 - Arbitrary Code Injection via Template Function
Mar 29, 2021
CVSS 3.3
EPSS 0.04
CVE-2021-21333 MEDIUM
Synapse < 1.27.0 - HTML Injection in Notification Emails
Mar 26, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-21332 MEDIUM
Synapse < 1.27.0 - Cross-Site Scripting via Password Reset Endpoint
Mar 26, 2021
CVSS 6.9
EPSS 0.01
CVE-2021-20271 HIGH
rpm 4.15.0-4.15.1.3 - Remote Code Execution via Modified Signature Header
Mar 26, 2021
CVSS 7.0
EPSS 0.01
CVE-2021-3467 MEDIUM
jasper < 2.0.26 - Denial of Service via JP2 CDEF Box NULL Pointer Dereference
Mar 25, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-3466 CRITICAL
libmicrohttpd 0.9.70 - Buffer Overflow in post_process_urlencoded
Mar 25, 2021
CVSS 9.8
EPSS 0.09
CVE-2021-3446 MEDIUM
libtpms < 0.8.2 - Weak Cryptographic IV Handling in OpenSSL Integration
Mar 25, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-3443 MEDIUM
Jasper < 2.0.27 - Denial of Service via JP2 Image Format Decoder
Mar 25, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-3450 HIGH
OpenSSL 1.1.1h-1.1.1j - Certificate Chain Validation Bypass via X509_V_FLAG_X509_STRICT
Mar 25, 2021
CVSS 7.4
EPSS 0.18
CVE-2021-3449 MEDIUM
Openssl < 1.1.1k - NULL Pointer Dereference
Mar 25, 2021
CVSS 5.9
EPSS 0.63
CVE-2021-3409 MEDIUM
QEMU <= 5.2.0 - Denial of Service and Potential Code Execution via SDHCI Controller Emulation
Mar 23, 2021
CVSS 5.7
EPSS 0.00
CVE-2021-3392 LOW
QEMU 2.10.0-5.2.0 - Use-After-Free in MegaRAID SCSI I/O Request Handling
Mar 23, 2021
CVSS 3.2
EPSS 0.00
CVE-2021-20270 HIGH
Pygments 1.5-2.7.3 - Denial of Service via SMLLexer Infinite Loop
Mar 23, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-21351 MEDIUM NUCLEI
Oracle Banking Platform < 5.15.14 - Insecure Deserialization
Mar 23, 2021
CVSS 5.4
EPSS 0.82
CVE-2021-21350 MEDIUM
Netapp Oncommand Insight < 5.15.14 - Insecure Deserialization
Mar 23, 2021
CVSS 5.3
EPSS 0.15
CVE-2021-21349 MEDIUM
Netapp Oncommand Insight < 5.15.14 - SSRF
Mar 23, 2021
CVSS 6.1
EPSS 0.47
CVE-2021-21348 MEDIUM
Netapp Oncommand Insight < 5.15.14 - Insecure Deserialization
Mar 23, 2021
CVSS 5.3
EPSS 0.14