fedoraproject

5,423 tracked vulnerabilities.

CVE-2020-8284 LOW
curl < 7.73.0 - Exposure of Sensitive Information via FTP PASV Response
Dec 14, 2020
CVSS 3.7
EPSS 0.04
CVE-2020-35176 MEDIUM
AWStats < 7.8 - Path Traversal via Partial Absolute Pathname
Dec 12, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-26421 MEDIUM
Wireshark <3.4.0, 3.2.0-3.2.8 - DoS
Dec 11, 2020
CVSS 4.2
EPSS 0.03
CVE-2020-26420 LOW
Wireshark <3.4.0, 3.2.0-3.2.8 - DoS
Dec 11, 2020
CVSS 3.1
EPSS 0.03
CVE-2020-26419 LOW
Wireshark 3.4.0 - Denial of Service via Memory Leak in Dissection Engine
Dec 11, 2020
CVSS 3.1
EPSS 0.03
CVE-2020-26418 LOW
Wireshark <3.4.0, 3.2.0-3.2.8 - DoS
Dec 11, 2020
CVSS 3.1
EPSS 0.03
CVE-2020-35132 MEDIUM
phpldapadmin < 1.2.6.2 - Stored Cross-Site Scripting via get_request in lib/function.php
Dec 11, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-27828 HIGH
jasper < 2.0.23 - Arbitrary Out-of-Bounds Write via JPC Encoder
Dec 11, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-29668 LOW
Sympa < 6.2.59b.2 - Unauthenticated Improper Authentication via SOAP API Cookie Handling
Dec 10, 2020
CVSS 3.7
EPSS 0.02
CVE-2020-16592 MEDIUM
GNU Binutils 2.34 - Use-After-Free in BFD Library via Crafted File
Dec 09, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-26257 MEDIUM
Matrix Synapse < 1.23.1 - Denial of Service via Malformed Federation Event Injection
Dec 09, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-29661 HIGH
Linux kernel <5.9.13 - Use After Free
Dec 09, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-29660 MEDIUM
Linux kernel <5.9.14 - Read-After-Free
Dec 09, 2020
CVSS 4.4
EPSS 0.00
CVE-2020-29651 HIGH
Python <1.9.0 - DoS
Dec 09, 2020
CVSS 7.5
EPSS 0.05
CVE-2020-27918 HIGH
iCloud < 11.5 - Use-After-Free
Dec 08, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-25664 MEDIUM
ImageMagick < 6.9.10-68 - Heap-based Buffer Overflow in WriteOnePNGImage
Dec 08, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-1971 MEDIUM
OpenSSL 1.0.2-1.0.2w and 1.1.1-1.1.1h - Denial of Service via EDIPARTYNAME NULL Pointer Dereference
Dec 08, 2020
CVSS 5.9
EPSS 0.07
CVE-2020-27818 LOW
pngcheck 2.4.0 - Denial of Service via check_chunk_name() Function
Dec 08, 2020
CVSS 3.3
EPSS 0.01
CVE-2020-29600 CRITICAL
AWStats < 7.7 - Path Traversal via config Parameter
Dec 07, 2020
CVSS 9.8
EPSS 0.03
CVE-2020-29562 MEDIUM
glibc 2.30-2.32 - Denial of Service via Iconv UCS4 Character Conversion
Dec 04, 2020
CVSS 4.8
EPSS 0.02
CVE-2020-27783 MEDIUM
lxml < 4.6.2 - Cross-Site Scripting via Clean Module Parser
Dec 03, 2020
CVSS 6.1
EPSS 0.04
CVE-2020-25693 HIGH
CImg < 2.9.3 - Integer Overflow and Heap Buffer Overflow in load_pnm()
Dec 03, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-25649 HIGH
jackson-databind 2.6.0-2.6.7.3 - XML External Entity Injection
Dec 03, 2020
CVSS 7.5
EPSS 0.18
CVE-2020-13584 HIGH
WebKitGTK 2.30.1 - Use-After-Free via Crafted HTML Web Page
Dec 03, 2020
CVSS 8.8
EPSS 0.04
CVE-2020-15257 MEDIUM
containerd <1.3.9 and <1.4.3 - Privilege Escalation
Dec 01, 2020
CVSS 5.2
EPSS 0.03