fedoraproject

5,423 tracked vulnerabilities.

CVE-2021-26925 MEDIUM
Roundcube Webmail < 1.4.11 - Cross-Site Scripting via CSS Token Sequences in HTML Email Renderer
Feb 09, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-21289 HIGH
Mechanize <2.7.7 - Command Injection
Feb 02, 2021
CVSS 7.4
EPSS 0.04
CVE-2021-3281 MEDIUM
Django <2.2.18-3.0.12-3.1.6 - Path Traversal
Feb 02, 2021
CVSS 5.3
EPSS 0.08
CVE-2021-3347 HIGH
Linux Kernel < 5.10.11 - Use-After-Free in PI Futex Fault Handling
Jan 29, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-3325 CRITICAL
Monitorix 3.13.0 - Unauthenticated Basic Authentication Bypass
Jan 27, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-3272 MEDIUM
JasPer 2.0.24 - Heap-Based Buffer Over-Read in jp2_decode
Jan 27, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-3156 HIGH KEVNUCLEI
Sudo Heap-Based Buffer Overflow
Jan 26, 2021
CVSS 7.8
EPSS 0.99
CVE-2021-3308 MEDIUM
Xen 4.12.3-4.12.4 4.13.1-4.14.x - Denial of Service via PCI Passthrough IDT Vector Exhaustion
Jan 26, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-3115 HIGH
GO < 1.14.14 - Uncontrolled Search Path
Jan 26, 2021
CVSS 7.5
EPSS 0.06
CVE-2021-3114 MEDIUM
Go <1.14.14, <1.15.7 - Info Disclosure
Jan 26, 2021
CVSS 6.5
EPSS 0.03
CVE-2021-2022 MEDIUM
MySQL < 5.6.50, 5.7.32, 8.0.22 - Authenticated Denial of Service in InnoDB
Jan 20, 2021
CVSS 4.4
EPSS 0.02
CVE-2021-2021 MEDIUM
MySQL Server < 8.0.22 - Authenticated Denial of Service in Optimizer
Jan 20, 2021
CVSS 4.9
EPSS 0.10
CVE-2021-2020 MEDIUM
MySQL Server <= 8.0.20 - Authenticated Denial of Service in Optimizer
Jan 20, 2021
CVSS 6.5
EPSS 0.03
CVE-2021-2019 LOW
Oracle MySQL <8.0.19 - Privilege Escalation
Jan 20, 2021
CVSS 2.7
EPSS 0.02
CVE-2021-2016 MEDIUM
MySQL Server < 8.0.19 - Authenticated Denial of Service in Optimizer
Jan 20, 2021
CVSS 4.9
EPSS 0.02
CVE-2021-2012 MEDIUM
Oracle MySQL <8.0.20 - Privilege Escalation
Jan 20, 2021
CVSS 4.9
EPSS 0.02
CVE-2021-2011 MEDIUM
MySQL Client <= 5.7.32 and <= 8.0.22 - Unauthenticated Denial of Service via Multiple Protocols
Jan 20, 2021
CVSS 5.9
EPSS 0.03
CVE-2021-2010 MEDIUM
Oracle MySQL <5.6.51, <5.7.33, <8.0.23 - SQL Injection
Jan 20, 2021
CVSS 4.2
EPSS 0.01
CVE-2021-2009 MEDIUM
Oracle MySQL < 8.0.19 - Authenticated Denial of Service in Server Security Roles
Jan 20, 2021
CVSS 4.9
EPSS 0.02
CVE-2021-2007 LOW
Oracle MySQL <5.6.48, <5.7.30, <8.0.20 - SQL Injection
Jan 20, 2021
CVSS 3.7
EPSS 0.02
CVE-2021-2006 MEDIUM
MySQL Client <= 8.0.19 - Authenticated Denial of Service via C API
Jan 20, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-2002 MEDIUM
MySQL < 8.0.22 - Authenticated Denial of Service in Server Replication
Jan 20, 2021
CVSS 4.9
EPSS 0.03
CVE-2021-2001 MEDIUM
MySQL Server < 5.6.50, 5.7.30, 8.0.17 - Authenticated Denial of Service in Optimizer
Jan 20, 2021
CVSS 4.9
EPSS 0.02
CVE-2021-1998 LOW
MySQL Server <= 8.0.20 - Authenticated Unauthorized Data Manipulation and Partial Denial of Service in Optimizer
Jan 20, 2021
CVSS 3.8
EPSS 0.02
CVE-2021-3181 MEDIUM
Mutt < 2.0.4 - Denial of Service via Semicolon Sequence in RFC822 Address Fields
Jan 19, 2021
CVSS 6.5
EPSS 0.03