fedoraproject
5,423 tracked vulnerabilities.
CVE-2020-8284
LOW
curl < 7.73.0 - Exposure of Sensitive Information via FTP PASV Response
Dec 14, 2020
CVSS 3.7
EPSS 0.04
CVE-2020-35176
MEDIUM
AWStats < 7.8 - Path Traversal via Partial Absolute Pathname
Dec 12, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-26421
MEDIUM
Wireshark <3.4.0, 3.2.0-3.2.8 - DoS
Dec 11, 2020
CVSS 4.2
EPSS 0.03
CVE-2020-26420
LOW
Wireshark <3.4.0, 3.2.0-3.2.8 - DoS
Dec 11, 2020
CVSS 3.1
EPSS 0.03
CVE-2020-26419
LOW
Wireshark 3.4.0 - Denial of Service via Memory Leak in Dissection Engine
Dec 11, 2020
CVSS 3.1
EPSS 0.03
CVE-2020-26418
LOW
Wireshark <3.4.0, 3.2.0-3.2.8 - DoS
Dec 11, 2020
CVSS 3.1
EPSS 0.03
CVE-2020-35132
MEDIUM
phpldapadmin < 1.2.6.2 - Stored Cross-Site Scripting via get_request in lib/function.php
Dec 11, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-27828
HIGH
jasper < 2.0.23 - Arbitrary Out-of-Bounds Write via JPC Encoder
Dec 11, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-29668
LOW
Sympa < 6.2.59b.2 - Unauthenticated Improper Authentication via SOAP API Cookie Handling
Dec 10, 2020
CVSS 3.7
EPSS 0.02
CVE-2020-16592
MEDIUM
GNU Binutils 2.34 - Use-After-Free in BFD Library via Crafted File
Dec 09, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-26257
MEDIUM
Matrix Synapse < 1.23.1 - Denial of Service via Malformed Federation Event Injection
Dec 09, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-29661
HIGH
Linux kernel <5.9.13 - Use After Free
Dec 09, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-29660
MEDIUM
Linux kernel <5.9.14 - Read-After-Free
Dec 09, 2020
CVSS 4.4
EPSS 0.00
CVE-2020-29651
HIGH
Python <1.9.0 - DoS
Dec 09, 2020
CVSS 7.5
EPSS 0.05
CVE-2020-27918
HIGH
iCloud < 11.5 - Use-After-Free
Dec 08, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-25664
MEDIUM
ImageMagick < 6.9.10-68 - Heap-based Buffer Overflow in WriteOnePNGImage
Dec 08, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-1971
MEDIUM
OpenSSL 1.0.2-1.0.2w and 1.1.1-1.1.1h - Denial of Service via EDIPARTYNAME NULL Pointer Dereference
Dec 08, 2020
CVSS 5.9
EPSS 0.07
CVE-2020-27818
LOW
pngcheck 2.4.0 - Denial of Service via check_chunk_name() Function
Dec 08, 2020
CVSS 3.3
EPSS 0.01
CVE-2020-29600
CRITICAL
AWStats < 7.7 - Path Traversal via config Parameter
Dec 07, 2020
CVSS 9.8
EPSS 0.03
CVE-2020-29562
MEDIUM
glibc 2.30-2.32 - Denial of Service via Iconv UCS4 Character Conversion
Dec 04, 2020
CVSS 4.8
EPSS 0.02
CVE-2020-27783
MEDIUM
lxml < 4.6.2 - Cross-Site Scripting via Clean Module Parser
Dec 03, 2020
CVSS 6.1
EPSS 0.04
CVE-2020-25693
HIGH
CImg < 2.9.3 - Integer Overflow and Heap Buffer Overflow in load_pnm()
Dec 03, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-25649
HIGH
jackson-databind 2.6.0-2.6.7.3 - XML External Entity Injection
Dec 03, 2020
CVSS 7.5
EPSS 0.18
CVE-2020-13584
HIGH
WebKitGTK 2.30.1 - Use-After-Free via Crafted HTML Web Page
Dec 03, 2020
CVSS 8.8
EPSS 0.04
CVE-2020-15257
MEDIUM
containerd <1.3.9 and <1.4.3 - Privilege Escalation
Dec 01, 2020
CVSS 5.2
EPSS 0.03
Products
fedora 5,353
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 19
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1
Quick Filters