fedoraproject

5,420 tracked vulnerabilities.

CVE-2024-1488 HIGH
Unbound < 1.19.1-2.fc40 - Unauthenticated Configuration Manipulation via Localhost Port 8953
Feb 15, 2024
CVSS 8.0
EPSS 0.00
CVE-2024-24814 HIGH
mod_auth_openidc 2.0.0-2.4.15.1 - Denial of Service via mod_auth_openidc_session_chunks Cookie
Feb 13, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-1454 LOW
OpenSC < 0.25.0 - Use-After-Free in AuthentIC Driver Card Enrolment
Feb 12, 2024
CVSS 3.4
EPSS 0.00
CVE-2024-1062 MEDIUM
389 Directory Server < 2.2.0 - Denial of Service via Heap Overflow in log_entry_attr
Feb 12, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-1151 MEDIUM
Linux Kernel - Stack-based Buffer Overflow in Open vSwitch
Feb 11, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-0229 HIGH
X.Org Server - Out-of-bounds Write via Device Reattachment
Feb 09, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-1312 MEDIUM
Linux Kernel < 6.5 - Use-After-Free in Memory Management Subsystem
Feb 08, 2024
CVSS 5.1
EPSS 0.00
CVE-2024-20290 HIGH
Cisco Secure Endpoint - Denial of Service via OLE2 File Format Parser
Feb 07, 2024
CVSS 7.5
EPSS 0.09
CVE-2024-1284 CRITICAL
Google Chrome <121.0.6167.160 - Use After Free
Feb 07, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-1283 CRITICAL
Google Chrome <121.0.6167.160 - Buffer Overflow
Feb 07, 2024
CVSS 9.8
EPSS 0.03
CVE-2024-1048 LOW
GRUB2 - Incomplete Cleanup in grub2-set-bootflag Temporary File Handling
Feb 06, 2024
CVSS 3.3
EPSS 0.00
CVE-2024-0690 MEDIUM
ansible-core < 2.14.14 - Information Disclosure via ANSIBLE_NO_LOG Bypass
Feb 06, 2024
CVSS 5.0
EPSS 0.00
CVE-2024-22667 HIGH
Vim < 9.0.2142 - Stack-based Buffer Overflow in did_set_langmap
Feb 05, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-21626 HIGH
runc (docker) File Descriptor Leak Privilege Escalation
Jan 31, 2024
CVSS 8.6
EPSS 0.05
CVE-2024-1086 HIGH KEV
Linux Kernel 3.15-5.15.149 - Use-After-Free in nf_tables Component
Jan 31, 2024
CVSS 7.8
EPSS 0.85
CVE-2024-1077 HIGH
Google Chrome < 121.0.6167.139 - Use-After-Free in Network
Jan 30, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-1060 HIGH
Google Chrome < 121.0.6167.139 - Use-After-Free in Canvas
Jan 30, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-1059 HIGH
Google Chrome < 121.0.6167.139 - Use-After-Free in Peer Connection
Jan 30, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-23829 MEDIUM
aiohttp < 3.9.2 - HTTP Request Smuggling via Inconsistent HTTP Parser Validation
Jan 29, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-23334 MEDIUM NUCLEI
aiohttp - Directory Traversal
Jan 29, 2024
CVSS 5.9
EPSS 0.94
CVE-2024-0814 MEDIUM
Google Chrome < 121.0.6167.85 - Security UI Spoofing via Payments
Jan 24, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-0813 HIGH
Google Chrome <121.0.6167.85 - Use After Free
Jan 24, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-0812 HIGH
Google Chrome <121.0.6167.85 - Object Corruption
Jan 24, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-0811 MEDIUM
Google Chrome <121.0.6167.85 - Info Disclosure
Jan 24, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-0809 MEDIUM
Google Chrome <121.0.6167.85 - CSRF
Jan 24, 2024
CVSS 4.3
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV