fedoraproject
5,423 tracked vulnerabilities.
CVE-2020-27781
HIGH
Ceph < 14.2.16, 15.x < 15.2.8, 16.x < 16.2.0 - Insufficiently Protected Credentials via OpenStack Manila Share Access
Dec 18, 2020
CVSS 7.1
EPSS 0.00
CVE-2020-35480
MEDIUM
MediaWiki < 1.35.1 - Information Disclosure of Hidden User Accounts
Dec 18, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-35479
MEDIUM
MediaWiki 1.12.0-1.35.0 - Cross-Site Scripting via BlockLogFormatter.php
Dec 18, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-35478
MEDIUM
MediaWiki 1.33.0-1.35.0 - Cross-Site Scripting via BlockLogFormatter.php
Dec 18, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-35477
MEDIUM
MediaWiki <1.35.1 - Info Disclosure
Dec 18, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-35475
HIGH
MediaWiki < 1.35.1 - Cross-Site Scripting in UserRights Special Page
Dec 18, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-35474
MEDIUM
MediaWiki < 1.35.1 - Stored Cross-Site Scripting via MediaWiki:recentchanges-legend-watchlistexpiry
Dec 18, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-26259
MEDIUM
XStream <1.4.15 - File Deletion
Dec 16, 2020
CVSS 6.8
EPSS 0.82
CVE-2020-26258
MEDIUM
NUCLEI
XStream <1.4.15 - Server-Side Request Forgery via XML Unmarshalling
Dec 16, 2020
CVSS 6.3
EPSS 0.82
CVE-2020-35381
HIGH
jsonparser 1.0.0 - Denial of Service via GET Call
Dec 15, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-29486
MEDIUM
Xen < 4.14.0 - Denial of Service via Xenstore Node Ownership Quota Manipulation
Dec 15, 2020
CVSS 6.0
EPSS 0.00
CVE-2020-29485
MEDIUM
Xen 4.6-4.14.x - Denial of Service via XS_RESET_WATCHES Memory Leak
Dec 15, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-29484
MEDIUM
Xen < 4.14.0 - Denial of Service via Xenstore Watch Payload Length Overflow
Dec 15, 2020
CVSS 6.0
EPSS 0.00
CVE-2020-29483
MEDIUM
Xen < 4.14.0 - Use-After-Free in Xenstored via Guest Protocol Violation
Dec 15, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-29482
MEDIUM
Xen < 4.14.0 - Denial of Service via Xenstore Path Length Limit Bypass
Dec 15, 2020
CVSS 6.0
EPSS 0.00
CVE-2020-29481
HIGH
Xen < 4.14.0 - Improper Privilege Management via Xenstore Node Access Rights
Dec 15, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-29480
LOW
Xen < 4.14.0 - Missing Authorization in Xenstore Watch Events
Dec 15, 2020
CVSS 2.3
EPSS 0.00
CVE-2020-29479
HIGH
Xen < 4.14.0 - Unauthenticated Missing Authorization in Ocaml xenstored
Dec 15, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-29571
MEDIUM
Xen 4.4.0-4.14.x - Denial of Service via FIFO Event Channel NULL Pointer Dereference
Dec 15, 2020
CVSS 6.2
EPSS 0.00
CVE-2020-29570
MEDIUM
Xen 4.4.0-4.13.x - Denial of Service via Per-vCPU Control Block Mapping
Dec 15, 2020
CVSS 6.2
EPSS 0.00
CVE-2020-29567
MEDIUM
Xen < 4.14.0 - Denial of Service via IRQ Vector De-allocation
Dec 15, 2020
CVSS 6.2
EPSS 0.00
CVE-2020-29566
MEDIUM
Xen < 4.14.0 - Denial of Service via Recursive De-Schedule/Re-Schedule
Dec 15, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-0499
MEDIUM
Android 11 - Out-of-bounds Read in FLAC Bitreader
Dec 15, 2020
CVSS 4.3
EPSS 0.04
CVE-2020-8286
HIGH
libcurl 7.41.0-7.73.0 - Improper Certificate Validation via OCSP Response
Dec 14, 2020
CVSS 7.5
EPSS 0.05
CVE-2020-8285
HIGH
libcurl 7.21.0-7.73.0 - Uncontrolled Recursion via FTP Wildcard Match Parsing
Dec 14, 2020
CVSS 7.5
EPSS 0.10
Products
fedora 5,353
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 19
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1
Quick Filters