fedoraproject

5,420 tracked vulnerabilities.

CVE-2023-34318 HIGH
sound_exchange - Heap-based Buffer Overflow in startread Function
Jul 10, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-32627 MEDIUM
Sound Exchange - Denial of Service
Jul 10, 2023
CVSS 6.2
EPSS 0.00
CVE-2023-26590 MEDIUM
sound_exchange - Denial of Service via Floating Point Exception in lsx_aiffstartwrite
Jul 10, 2023
CVSS 6.2
EPSS 0.00
CVE-2023-1183 MEDIUM
LibreOffice < 7.4.6 - Path Traversal and Arbitrary File Write via ODB Script Command
Jul 10, 2023
CVSS 5.0
EPSS 0.07
CVE-2023-35934 MEDIUM
yt-dlp <2023.07.06 - Cookie Leakage via Download Redirects and Fragments
Jul 06, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-35001 HIGH
Linux Kernel 3.13-4.14.322 - Out-of-bounds Write in nftables nft_byteorder
Jul 05, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-31248 HIGH
Linux Kernel >=5.9 <5.10.188 - Use-After-Free in nft_chain_lookup_byid
Jul 05, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-36053 HIGH
Django 3.2-3.2.19, 4.0-4.1.9, 4.2-4.2.2 - Regular Expression Denial of Service in EmailValidator and URLValidator
Jul 03, 2023
CVSS 7.5
EPSS 0.10
CVE-2023-30589 HIGH
Node.js 16.0.0-16.20.1 - HTTP Request Smuggling via CR Delimiter in llhttp Parser
Jul 01, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-1206 MEDIUM
Linux Kernel < 6.5 - Denial of Service via IPv6 Connection Lookup Table Hash Collision
Jun 30, 2023
CVSS 5.7
EPSS 0.00
CVE-2023-3432 CRITICAL
PlantUML < 1.2023.9 - Server-Side Request Forgery
Jun 27, 2023
CVSS 10.0
EPSS 0.00
CVE-2023-3431 MEDIUM
PlantUML < 1.2023.9 - Improper Access Control
Jun 27, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-36664 HIGH
Artifex Ghostscript <10.01.2 - Privilege Escalation
Jun 25, 2023
CVSS 7.8
EPSS 0.06
CVE-2023-3212 MEDIUM
Linux Kernel < 6.4 - NULL Pointer Dereference in GFS2 File System Evict Code
Jun 23, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-34241 MEDIUM
OpenPrinting CUPS 2.0.0-2.4.6 - Use-After-Free in cupsdAcceptClient via httpClose
Jun 22, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-2911 HIGH
BIND 9.16.33-9.16.41 and 9.18.7-9.18.15 - Denial of Service via Stale Answer Lookup Stack Overflow
Jun 21, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-2828 HIGH
BIND 9.11.0-9.16.41, 9.18.0-9.18.15, 9.19.0-9.19.13 - Denial of Service via Cache Cleaning Algorithm Bypass
Jun 21, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-3195 MEDIUM
ImageMagick < 6.9.12-26 - Stack-based Buffer Overflow in TIFF Coder
Jun 16, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-34475 MEDIUM
ImageMagick < 7.1.1-10 - Use-After-Free in ReplaceXmpValue Function
Jun 16, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-34474 MEDIUM
ImageMagick < 7.1.1-10 - Heap-based Buffer Overflow in ReadTIM2ImageData
Jun 16, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-2431 LOW
Kubernetes < 1.24.14 - Seccomp Profile Enforcement Bypass via Empty Profile Field
Jun 16, 2023
CVSS 3.4
EPSS 0.00
CVE-2023-30631 HIGH
Apache Traffic Server 8.0.0-9.2.0 - Improper Input Validation in PUSH Method Handling
Jun 14, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-3217 HIGH
Google Chrome < 114.0.5735.133 - Use-After-Free in WebXR
Jun 13, 2023
CVSS 8.8
EPSS 0.17
CVE-2023-3216 HIGH
Google Chrome < 114.0.5735.133 - Remote Code Execution via V8 Type Confusion
Jun 13, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-3215 HIGH
Chrome < 114.0.5735.133 - Use-After-Free in WebRTC
Jun 13, 2023
CVSS 8.8
EPSS 0.21
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV