fedoraproject
5,420 tracked vulnerabilities.
CVE-2023-4001
MEDIUM
GRUB2 - Authentication Bypass via Duplicate UUID Configuration File
Jan 15, 2024
CVSS 6.8
EPSS 0.00
CVE-2023-41056
HIGH
Redis 7.0.9-7.0.14 and 7.2.0-7.2.3 - Remote Code Execution via Heap Overflow
Jan 10, 2024
CVSS 8.1
EPSS 0.08
CVE-2023-5455
MEDIUM
FreeIPA < 4.6.10 - Cross-Site Request Forgery in Session Login
Jan 10, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-6270
HIGH
Linux Kernel - Use-After-Free in ATA over Ethernet Driver
Jan 04, 2024
CVSS 7.0
EPSS 0.00
CVE-2023-6004
MEDIUM
libssh >=0.8.0 <0.9.8 - OS Command Injection via ProxyCommand or ProxyJump Hostname Parameter
Jan 03, 2024
CVSS 4.8
EPSS 0.00
CVE-2023-6693
MEDIUM
QEMU < 8.2.1 - Stack-based Buffer Overflow in virtio-net TX Flush
Jan 02, 2024
CVSS 4.9
EPSS 0.00
CVE-2023-7104
MEDIUM
SQLite < 3.43.0 - Heap-Based Buffer Overflow in sessionReadRecord
Dec 29, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-6879
CRITICAL
aomedia < 3.7.1 - Heap Overflow via Multi-Threaded Video Frame Resolution Increase
Dec 27, 2023
CVSS 9.0
EPSS 0.00
CVE-2023-7101
HIGH
KEV
Spreadsheet::ParseExcel < 0.65 - Remote Code Execution via Number Format String Eval
Dec 24, 2023
CVSS 7.8
EPSS 0.56
CVE-2023-51767
HIGH
OpenSSH through 10.0 - Authentication Bypass via Row Hammer Bit Flip
Dec 24, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-51766
MEDIUM
Exim < 4.97.1 - SMTP Smuggling via LF.CR.LF Sequence
Dec 24, 2023
CVSS 5.3
EPSS 0.02
CVE-2023-51764
MEDIUM
Postfix < 3.5.23 - SMTP Smuggling via Bare Newline Injection
Dec 24, 2023
CVSS 5.3
EPSS 0.28
CVE-2023-7024
HIGH
KEV
Google Chrome < 120.0.6099.129 - Heap Buffer Overflow in WebRTC
Dec 21, 2023
CVSS 8.8
EPSS 0.03
CVE-2023-6546
HIGH
Linux kernel - Privilege Escalation
Dec 21, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-4256
MEDIUM
tcpreplay - Denial of Service via Double Free in tcpedit_dlt_cleanup
Dec 21, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-4255
MEDIUM
tats w3m - Out-of-bounds Write in checkType() Function via Crafted HTML File
Dec 21, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-6918
LOW
libssh 0.9.0-0.9.8 - Denial of Service via Unchecked MD Return Values
Dec 19, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-48795
MEDIUM
NUCLEI
OpenSSH <9.6 - Open Redirect
Dec 18, 2023
CVSS 5.9
EPSS 0.53
CVE-2023-47038
HIGH
perl 5.30.0-5.38.0 - Heap-based Buffer Overflow via Crafted Regular Expression
Dec 18, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-6702
HIGH
Google Chrome < 120.0.6099.109 - Remote Code Execution via V8 Type Confusion
Dec 14, 2023
CVSS 8.8
EPSS 0.58
CVE-2023-5764
HIGH
Ansible < 2.14.12 and 2.16.0-2.16.1 - Template Injection via Unsafe Data Handling
Dec 12, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-46219
MEDIUM
curl 7.84.0-8.4.0 - Missing Encryption of Sensitive Data via HSTS File Handling
Dec 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-6679
MEDIUM
Linux Kernel - Denial of Service via Null Pointer Dereference in dpll_pin_parent_pin_set
Dec 11, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-6186
HIGH
LibreOffice 7.5.0-7.5.8 - Built-In Macro Execution Without Warning
Dec 11, 2023
CVSS 8.3
EPSS 0.01
CVE-2023-6185
HIGH
LibreOffice 7.5.0-7.5.8 - GStreamer Plugin Execution via Embedded Video Filename
Dec 11, 2023
CVSS 8.3
EPSS 0.01
Products
fedora 5,351
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 18
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1