fedoraproject

5,420 tracked vulnerabilities.

CVE-2023-42852 HIGH
Safari < 17.1 - Remote Code Execution
Oct 25, 2023
CVSS 8.8
EPSS 0.02
CVE-2023-41983 MEDIUM
Safari < 17.1 - Denial of Service via Memory Handling Issue
Oct 25, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-5472 HIGH
Google Chrome < 118.0.5993.117 - Use-After-Free in Profiles via Crafted HTML Page
Oct 25, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-45802 MEDIUM
Apache HTTP Server 2.4.17-2.4.57 - Denial of Service via HTTP/2 Stream Reset
Oct 23, 2023
CVSS 5.9
EPSS 0.03
CVE-2023-31122 HIGH
Apache HTTP Server <2.4.57 - Buffer Overflow
Oct 23, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-5686 HIGH
radare2 < 5.9.0 - Heap-based Buffer Overflow
Oct 20, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-45145 LOW
Redis 2.6.0-6.2.13 - Unauthenticated Unauthorized Connection via Unix Socket Permission Race Condition
Oct 18, 2023
CVSS 3.6
EPSS 0.01
CVE-2023-5631 MEDIUM KEV
Roundcube Webmail < 1.4.15, 1.5.x < 1.5.5, 1.6.x < 1.6.4 - Stored Cross-Site Scripting via SVG in HTML Email
Oct 18, 2023
CVSS 6.1
EPSS 0.84
CVE-2023-39332 CRITICAL
Node.js 20.0.0-20.7.9 - Path Traversal via Uint8Array Path Handling
Oct 18, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-38552 HIGH
Node.js 18.0.0-18.18.0 and 20.x - Policy Integrity Check Bypass via Forged Checksum
Oct 18, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-38545 CRITICAL
libcurl 7.69.0-8.4.0 - Heap-Based Buffer Overflow in SOCKS5 Proxy Handshake
Oct 18, 2023
CVSS 9.8
EPSS 0.26
CVE-2023-22084 MEDIUM
MySQL Server <8.0.34, <5.7.44 - DoS
Oct 17, 2023
CVSS 4.9
EPSS 0.07
CVE-2023-45803 MEDIUM
urllib3 < 1.26.18 and 2.0.0-2.0.7 - Exposure of Sensitive Information via HTTP Redirect
Oct 17, 2023
CVSS 4.2
EPSS 0.00
CVE-2023-41752 HIGH
Apache Traffic Server 8.0.0-8.1.8 9.0.0-9.2.2 - Exposure of Sensitive Information
Oct 17, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-39456 HIGH
Apache Traffic Server 9.0.0-9.2.2 - Improper Input Validation via Malformed HTTP/2 Frames
Oct 17, 2023
CVSS 7.5
EPSS 0.08
CVE-2023-39999 MEDIUM
WordPress 4.1-6.3.1 - Exposure of Sensitive Information to an Unauthorized Actor
Oct 13, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-45143 LOW
Undici < 5.26.2 - Cookie Header Leakage on Cross-Origin Redirects
Oct 12, 2023
CVSS 3.9
EPSS 0.00
CVE-2023-43789 MEDIUM
libxpm < 3.5.17 - Out-of-bounds Read
Oct 12, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-5487 MEDIUM
Google Chrome <118.0.5993.70 - Auth Bypass
Oct 11, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-5484 MEDIUM
Google Chrome < 118.0.5993.70 - Security UI Spoofing via Crafted HTML Page
Oct 11, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-5475 MEDIUM
Google Chrome <118.0.5993.70 - Auth Bypass
Oct 11, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-5218 HIGH
Google Chrome < 118.0.5993.70 - Use-After-Free in Site Isolation
Oct 11, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-39325 HIGH
GO < 1.20.10 - Resource Allocation Without Limits
Oct 11, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-5535 HIGH
vim < 9.0.2010 - Use-After-Free
Oct 11, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-37536 HIGH
Xerces-C++ 3.2.3 - Integer Overflow via HTTP Request
Oct 11, 2023
CVSS 8.2
EPSS 0.01
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV