fedoraproject

5,420 tracked vulnerabilities.

CVE-2023-5345 HIGH
Linux Kernel 6.0.16-6.1.56 - Use-After-Free in SMB Client fs/smb/client
Oct 03, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-5344 HIGH
vim < 9.0.1969 - Heap-based Buffer Overflow
Oct 02, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-44488 HIGH
libvpx < 1.13.1 - Denial of Service via VP9 Width Handling
Sep 30, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-43655 MEDIUM
Composer < 1.10.27 - Remote Code Execution via PHP register_argc_argv
Sep 29, 2023
CVSS 6.4
EPSS 0.01
CVE-2023-5217 HIGH KEV
libvpx < 1.13.1 - Heap Buffer Overflow in VP8 Encoding
Sep 28, 2023
CVSS 8.8
EPSS 0.05
CVE-2023-5187 HIGH
Google Chrome <117.0.5938.132 - Use After Free
Sep 28, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-5186 HIGH
Google Chrome <117.0.5938.132 - Use After Free
Sep 28, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-42756 MEDIUM
Linux Kernel < 6.6 - Denial of Service via Netfilter IPSET Race Condition
Sep 28, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-42822 MEDIUM
xrdp < 0.9.23.1 - Out-of-bounds Read in xrdp_painter.c
Sep 27, 2023
CVSS 4.6
EPSS 0.00
CVE-2023-5171 MEDIUM
Firefox <118-0, Thunderbird <115.3 - Use After Free
Sep 27, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-5169 MEDIUM
Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3 - Out-of-bounds Write via PathRecording
Sep 27, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-5157 HIGH
MariaDB < 10.3.36 - Denial of Service via OpenVAS Port Scan
Sep 27, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-42453 LOW
Synapse >=1.34.0 <1.93.0 - Improper Authorization via Forged Read Receipts
Sep 27, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-41335 LOW
Synapse 1.66.0-1.93.0 - Cleartext Storage of Sensitive Information in Database
Sep 27, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-41074 HIGH
Safari < 17.0 - Remote Code Execution
Sep 27, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-35074 HIGH
Safari < 17.0 - Remote Code Execution via Memory Corruption
Sep 27, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-4156 MEDIUM
gawk < 5.1.1 - Heap Out-of-Bounds Read in builtin.c
Sep 25, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-42811 MEDIUM
aes-gcm 0.10.0-0.10.2 - Improper Verification of Cryptographic Signature in decrypt_in_place_detached
Sep 22, 2023
CVSS 4.7
EPSS 0.00
CVE-2023-5002 MEDIUM
pgAdmin 4 < 7.7 - Authenticated OS Command Injection via External Utility Path Validation
Sep 22, 2023
CVSS 6.0
EPSS 0.24
CVE-2023-43090 MEDIUM
GNOME Shell 43-43.9 - Unauthenticated Information Disclosure via Lock Screen Screenshot Tool
Sep 22, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-4504 HIGH
CUPS < 2.4.7 - Heap-based Buffer Overflow via PPD PostScript Document
Sep 21, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-41993 HIGH KEV
iPadOS < 17.0.1 - Remote Code Execution via Web Content Processing
Sep 21, 2023
CVSS 8.8
EPSS 0.24
CVE-2023-43669 HIGH
tungstenite < 0.20.1 - Denial of Service via Excessive HTTP Header Length
Sep 21, 2023
CVSS 7.5
EPSS 0.03
CVE-2023-4236 HIGH
BIND 9 <9.18.18-9.18.18.S1 - Use After Free
Sep 20, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-3341 HIGH
BIND 9.2.0-9.16.43, 9.18.0-9.18.18, 9.19.0-9.19.16 - DoS via Control Channel Packet Parsing
Sep 20, 2023
CVSS 7.5
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV