fedoraproject

5,423 tracked vulnerabilities.

CVE-2021-21193 HIGH KEV
Google Chrome <89.0.4389.90 - Use After Free
Mar 16, 2021
CVSS 8.8
EPSS 0.10
CVE-2021-21192 HIGH
Google Chrome <89.0.4389.90 - Buffer Overflow
Mar 16, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21191 HIGH
Google Chrome <89.0.4389.90 - Use After Free
Mar 16, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-20283 MEDIUM
moodle 3.5.0-3.5.16 and 3.10.0-3.10.1 - Missing Authorization in Course Enrollment Web Service
Mar 15, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-20282 MEDIUM
moodle 3.5.0-3.5.16 - Incorrect Authorization in User Account Verification
Mar 15, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-20281 MEDIUM
moodle 3.5.0-3.5.16 and 3.10.0-3.10.1 - Exposure of Sensitive Information via Online Users Block
Mar 15, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-20280 MEDIUM
Moodle 3.5.0-3.5.16, 3.8.0-3.8.7, 3.9.0-3.9.4, 3.10.0-3.10.1 - Stored XSS and SSRF in Text-Based Feedback
Mar 15, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-20279 MEDIUM
moodle 3.5.0-3.5.16, 3.10.0-3.10.1 - Stored Cross-Site Scripting in ID Number User Profile Field
Mar 15, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-28363 MEDIUM
urllib3 1.26.0-1.26.3 - Improper Certificate Validation in HTTPS Proxy Connections
Mar 15, 2021
CVSS 6.5
EPSS 0.02
CVE-2021-20179 HIGH
dogtagpki - Incorrect Authorization in Certificate Renewal
Mar 15, 2021
CVSS 8.1
EPSS 0.01
CVE-2021-28375 HIGH
Linux Kernel 5.1-5.11.6 - Missing Authorization in fastrpc_internal_invoke
Mar 15, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-20232 CRITICAL
GnuTLS 3.6.3-3.7.0 - Use-After-Free in client_send_params
Mar 12, 2021
CVSS 9.8
EPSS 0.03
CVE-2021-20231 CRITICAL
GnuTLS 3.6.3-3.7.0 - Use-After-Free in Key Share Extension Handling
Mar 12, 2021
CVSS 9.8
EPSS 0.04
CVE-2021-21367 MEDIUM
elementary switchboard_bluetooth_plug 2.3.0-2.3.5 - Unauthenticated Incorrect Authorization via Bluetooth Pairing
Mar 12, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-28153 MEDIUM
GNOME GLib <2.66.8 - Info Disclosure
Mar 11, 2021
CVSS 5.3
EPSS 0.03
CVE-2021-21381 HIGH
Flatpak 0.9.4-1.10.1 - Unauthenticated Arbitrary File Access via Desktop File Token Injection
Mar 11, 2021
CVSS 7.1
EPSS 0.02
CVE-2021-27919 MEDIUM
Go <1.16.1 - Denial of Service
Mar 11, 2021
CVSS 5.5
EPSS 0.02
CVE-2021-21334 MEDIUM
containerd <1.3.10 and 1.4.0-<1.4.4 - Unintended Environment Variable Exposure via CRI Implementation
Mar 10, 2021
CVSS 6.3
EPSS 0.02
CVE-2021-21772 HIGH
lib3mf 2.0.0 - Use-After-Free in NMR::COpcPackageReader::releaseZIP()
Mar 10, 2021
CVSS 8.1
EPSS 0.04
CVE-2021-20205 MEDIUM
libjpeg-turbo 2.0.90-2.0.91 - Denial of Service via Crafted GIF Image
Mar 10, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-28116 LOW
Squid <4.14, <5.0.5 - Info Disclosure
Mar 09, 2021
CVSS 3.7
EPSS 0.13
CVE-2021-21300 HIGH
Git 2.14.2-2.30.0 - Remote Code Execution via Symbolic Link and Clean/Smudge Filter Interaction
Mar 09, 2021
CVSS 8.0
EPSS 0.89
CVE-2021-20246 MEDIUM
ImageMagick < 6.9.11-62 - Denial of Service via Division by Zero in Resample
Mar 09, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-20245 MEDIUM
ImageMagick < 6.9.11-62 - Denial of Service via Division by Zero in WebP Coder
Mar 09, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-20244 MEDIUM
ImageMagick < 7.0.10-62 - Denial of Service via Division by Zero in Visual Effects
Mar 09, 2021
CVSS 5.5
EPSS 0.01