fedoraproject
5,423 tracked vulnerabilities.
CVE-2021-26925
MEDIUM
Roundcube Webmail < 1.4.11 - Cross-Site Scripting via CSS Token Sequences in HTML Email Renderer
Feb 09, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-21289
HIGH
Mechanize <2.7.7 - Command Injection
Feb 02, 2021
CVSS 7.4
EPSS 0.04
CVE-2021-3281
MEDIUM
Django <2.2.18-3.0.12-3.1.6 - Path Traversal
Feb 02, 2021
CVSS 5.3
EPSS 0.08
CVE-2021-3347
HIGH
Linux Kernel < 5.10.11 - Use-After-Free in PI Futex Fault Handling
Jan 29, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-3325
CRITICAL
Monitorix 3.13.0 - Unauthenticated Basic Authentication Bypass
Jan 27, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-3272
MEDIUM
JasPer 2.0.24 - Heap-Based Buffer Over-Read in jp2_decode
Jan 27, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-3156
HIGH
KEVNUCLEI
Sudo Heap-Based Buffer Overflow
Jan 26, 2021
CVSS 7.8
EPSS 0.99
CVE-2021-3308
MEDIUM
Xen 4.12.3-4.12.4 4.13.1-4.14.x - Denial of Service via PCI Passthrough IDT Vector Exhaustion
Jan 26, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-3115
HIGH
GO < 1.14.14 - Uncontrolled Search Path
Jan 26, 2021
CVSS 7.5
EPSS 0.06
CVE-2021-3114
MEDIUM
Go <1.14.14, <1.15.7 - Info Disclosure
Jan 26, 2021
CVSS 6.5
EPSS 0.03
CVE-2021-2022
MEDIUM
MySQL < 5.6.50, 5.7.32, 8.0.22 - Authenticated Denial of Service in InnoDB
Jan 20, 2021
CVSS 4.4
EPSS 0.02
CVE-2021-2021
MEDIUM
MySQL Server < 8.0.22 - Authenticated Denial of Service in Optimizer
Jan 20, 2021
CVSS 4.9
EPSS 0.10
CVE-2021-2020
MEDIUM
MySQL Server <= 8.0.20 - Authenticated Denial of Service in Optimizer
Jan 20, 2021
CVSS 6.5
EPSS 0.03
CVE-2021-2019
LOW
Oracle MySQL <8.0.19 - Privilege Escalation
Jan 20, 2021
CVSS 2.7
EPSS 0.02
CVE-2021-2016
MEDIUM
MySQL Server < 8.0.19 - Authenticated Denial of Service in Optimizer
Jan 20, 2021
CVSS 4.9
EPSS 0.02
CVE-2021-2012
MEDIUM
Oracle MySQL <8.0.20 - Privilege Escalation
Jan 20, 2021
CVSS 4.9
EPSS 0.02
CVE-2021-2011
MEDIUM
MySQL Client <= 5.7.32 and <= 8.0.22 - Unauthenticated Denial of Service via Multiple Protocols
Jan 20, 2021
CVSS 5.9
EPSS 0.03
CVE-2021-2010
MEDIUM
Oracle MySQL <5.6.51, <5.7.33, <8.0.23 - SQL Injection
Jan 20, 2021
CVSS 4.2
EPSS 0.01
CVE-2021-2009
MEDIUM
Oracle MySQL < 8.0.19 - Authenticated Denial of Service in Server Security Roles
Jan 20, 2021
CVSS 4.9
EPSS 0.02
CVE-2021-2007
LOW
Oracle MySQL <5.6.48, <5.7.30, <8.0.20 - SQL Injection
Jan 20, 2021
CVSS 3.7
EPSS 0.02
CVE-2021-2006
MEDIUM
MySQL Client <= 8.0.19 - Authenticated Denial of Service via C API
Jan 20, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-2002
MEDIUM
MySQL < 8.0.22 - Authenticated Denial of Service in Server Replication
Jan 20, 2021
CVSS 4.9
EPSS 0.03
CVE-2021-2001
MEDIUM
MySQL Server < 5.6.50, 5.7.30, 8.0.17 - Authenticated Denial of Service in Optimizer
Jan 20, 2021
CVSS 4.9
EPSS 0.02
CVE-2021-1998
LOW
MySQL Server <= 8.0.20 - Authenticated Unauthorized Data Manipulation and Partial Denial of Service in Optimizer
Jan 20, 2021
CVSS 3.8
EPSS 0.02
CVE-2021-3181
MEDIUM
Mutt < 2.0.4 - Denial of Service via Semicolon Sequence in RFC822 Address Fields
Jan 19, 2021
CVSS 6.5
EPSS 0.03
Products
fedora 5,353
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 19
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1
Quick Filters