fedoraproject
5,423 tracked vulnerabilities.
CVE-2021-21193
HIGH
KEV
Google Chrome <89.0.4389.90 - Use After Free
Mar 16, 2021
CVSS 8.8
EPSS 0.10
CVE-2021-21192
HIGH
Google Chrome <89.0.4389.90 - Buffer Overflow
Mar 16, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21191
HIGH
Google Chrome <89.0.4389.90 - Use After Free
Mar 16, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-20283
MEDIUM
moodle 3.5.0-3.5.16 and 3.10.0-3.10.1 - Missing Authorization in Course Enrollment Web Service
Mar 15, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-20282
MEDIUM
moodle 3.5.0-3.5.16 - Incorrect Authorization in User Account Verification
Mar 15, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-20281
MEDIUM
moodle 3.5.0-3.5.16 and 3.10.0-3.10.1 - Exposure of Sensitive Information via Online Users Block
Mar 15, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-20280
MEDIUM
Moodle 3.5.0-3.5.16, 3.8.0-3.8.7, 3.9.0-3.9.4, 3.10.0-3.10.1 - Stored XSS and SSRF in Text-Based Feedback
Mar 15, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-20279
MEDIUM
moodle 3.5.0-3.5.16, 3.10.0-3.10.1 - Stored Cross-Site Scripting in ID Number User Profile Field
Mar 15, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-28363
MEDIUM
urllib3 1.26.0-1.26.3 - Improper Certificate Validation in HTTPS Proxy Connections
Mar 15, 2021
CVSS 6.5
EPSS 0.02
CVE-2021-20179
HIGH
dogtagpki - Incorrect Authorization in Certificate Renewal
Mar 15, 2021
CVSS 8.1
EPSS 0.01
CVE-2021-28375
HIGH
Linux Kernel 5.1-5.11.6 - Missing Authorization in fastrpc_internal_invoke
Mar 15, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-20232
CRITICAL
GnuTLS 3.6.3-3.7.0 - Use-After-Free in client_send_params
Mar 12, 2021
CVSS 9.8
EPSS 0.03
CVE-2021-20231
CRITICAL
GnuTLS 3.6.3-3.7.0 - Use-After-Free in Key Share Extension Handling
Mar 12, 2021
CVSS 9.8
EPSS 0.04
CVE-2021-21367
MEDIUM
elementary switchboard_bluetooth_plug 2.3.0-2.3.5 - Unauthenticated Incorrect Authorization via Bluetooth Pairing
Mar 12, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-28153
MEDIUM
GNOME GLib <2.66.8 - Info Disclosure
Mar 11, 2021
CVSS 5.3
EPSS 0.03
CVE-2021-21381
HIGH
Flatpak 0.9.4-1.10.1 - Unauthenticated Arbitrary File Access via Desktop File Token Injection
Mar 11, 2021
CVSS 7.1
EPSS 0.02
CVE-2021-27919
MEDIUM
Go <1.16.1 - Denial of Service
Mar 11, 2021
CVSS 5.5
EPSS 0.02
CVE-2021-21334
MEDIUM
containerd <1.3.10 and 1.4.0-<1.4.4 - Unintended Environment Variable Exposure via CRI Implementation
Mar 10, 2021
CVSS 6.3
EPSS 0.02
CVE-2021-21772
HIGH
lib3mf 2.0.0 - Use-After-Free in NMR::COpcPackageReader::releaseZIP()
Mar 10, 2021
CVSS 8.1
EPSS 0.04
CVE-2021-20205
MEDIUM
libjpeg-turbo 2.0.90-2.0.91 - Denial of Service via Crafted GIF Image
Mar 10, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-28116
LOW
Squid <4.14, <5.0.5 - Info Disclosure
Mar 09, 2021
CVSS 3.7
EPSS 0.13
CVE-2021-21300
HIGH
Git 2.14.2-2.30.0 - Remote Code Execution via Symbolic Link and Clean/Smudge Filter Interaction
Mar 09, 2021
CVSS 8.0
EPSS 0.89
CVE-2021-20246
MEDIUM
ImageMagick < 6.9.11-62 - Denial of Service via Division by Zero in Resample
Mar 09, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-20245
MEDIUM
ImageMagick < 6.9.11-62 - Denial of Service via Division by Zero in WebP Coder
Mar 09, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-20244
MEDIUM
ImageMagick < 7.0.10-62 - Denial of Service via Division by Zero in Visual Effects
Mar 09, 2021
CVSS 5.5
EPSS 0.01
Products
fedora 5,353
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 19
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1
Quick Filters