fedoraproject
5,423 tracked vulnerabilities.
CVE-2021-22876
MEDIUM
libcurl 7.1.1-7.75.0 - Credential Leak via HTTP Referer Header
Apr 01, 2021
CVSS 5.3
EPSS 0.05
CVE-2021-20291
MEDIUM
containers/storage < 1.28.1 - Denial of Service via Malicious Tar Archive Processing
Apr 01, 2021
CVSS 6.5
EPSS 0.02
CVE-2021-28163
LOW
NetApp Cloud Manager - Exposure of Sensitive Information via Symlink Webapps Directory
Apr 01, 2021
CVSS 2.7
EPSS 0.04
CVE-2021-29650
MEDIUM
Linux Kernel < 5.11.11 - Denial of Service via Netfilter Table Assignment
Mar 30, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-29649
MEDIUM
Linux Kernel < 5.11.11 - Use-After-Free in User Mode Driver
Mar 30, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-29648
MEDIUM
Linux Kernel < 5.11.11 - Denial of Service via Uninitialized BTF Data Access
Mar 30, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-29647
MEDIUM
Linux kernel <5.11.11 - Info Disclosure
Mar 30, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-29646
MEDIUM
Linux kernel <5.11.11 - Info Disclosure
Mar 30, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-23358
LOW
underscore 1.3.2-1.12.1 - Arbitrary Code Injection via Template Function
Mar 29, 2021
CVSS 3.3
EPSS 0.04
CVE-2021-21333
MEDIUM
Synapse < 1.27.0 - HTML Injection in Notification Emails
Mar 26, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-21332
MEDIUM
Synapse < 1.27.0 - Cross-Site Scripting via Password Reset Endpoint
Mar 26, 2021
CVSS 6.9
EPSS 0.01
CVE-2021-20271
HIGH
rpm 4.15.0-4.15.1.3 - Remote Code Execution via Modified Signature Header
Mar 26, 2021
CVSS 7.0
EPSS 0.01
CVE-2021-3467
MEDIUM
jasper < 2.0.26 - Denial of Service via JP2 CDEF Box NULL Pointer Dereference
Mar 25, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-3466
CRITICAL
libmicrohttpd 0.9.70 - Buffer Overflow in post_process_urlencoded
Mar 25, 2021
CVSS 9.8
EPSS 0.09
CVE-2021-3446
MEDIUM
libtpms < 0.8.2 - Weak Cryptographic IV Handling in OpenSSL Integration
Mar 25, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-3443
MEDIUM
Jasper < 2.0.27 - Denial of Service via JP2 Image Format Decoder
Mar 25, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-3450
HIGH
OpenSSL 1.1.1h-1.1.1j - Certificate Chain Validation Bypass via X509_V_FLAG_X509_STRICT
Mar 25, 2021
CVSS 7.4
EPSS 0.18
CVE-2021-3449
MEDIUM
Openssl < 1.1.1k - NULL Pointer Dereference
Mar 25, 2021
CVSS 5.9
EPSS 0.63
CVE-2021-3409
MEDIUM
QEMU <= 5.2.0 - Denial of Service and Potential Code Execution via SDHCI Controller Emulation
Mar 23, 2021
CVSS 5.7
EPSS 0.00
CVE-2021-3392
LOW
QEMU 2.10.0-5.2.0 - Use-After-Free in MegaRAID SCSI I/O Request Handling
Mar 23, 2021
CVSS 3.2
EPSS 0.00
CVE-2021-20270
HIGH
Pygments 1.5-2.7.3 - Denial of Service via SMLLexer Infinite Loop
Mar 23, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-21351
MEDIUM
NUCLEI
Oracle Banking Platform < 5.15.14 - Insecure Deserialization
Mar 23, 2021
CVSS 5.4
EPSS 0.82
CVE-2021-21350
MEDIUM
Netapp Oncommand Insight < 5.15.14 - Insecure Deserialization
Mar 23, 2021
CVSS 5.3
EPSS 0.15
CVE-2021-21349
MEDIUM
Netapp Oncommand Insight < 5.15.14 - SSRF
Mar 23, 2021
CVSS 6.1
EPSS 0.47
CVE-2021-21348
MEDIUM
Netapp Oncommand Insight < 5.15.14 - Insecure Deserialization
Mar 23, 2021
CVSS 5.3
EPSS 0.14
Products
fedora 5,353
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 19
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1
Quick Filters