fedoraproject

5,420 tracked vulnerabilities.

CVE-2023-3214 HIGH
Google Chrome < 114.0.5735.133 - Use-After-Free in Autofill Payments
Jun 13, 2023
CVSS 8.8
EPSS 0.02
CVE-2023-20867 LOW KEV
VMware Tools 10.3.0-12.2.5 - Improper Authentication
Jun 13, 2023
CVSS 3.9
EPSS 0.03
CVE-2023-3161 MEDIUM
Linux Kernel < 6.2 - Denial of Service via Framebuffer Console Font Width/Height Shift
Jun 12, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-2455 MEDIUM
PostgreSQL 11.0-11.19 - Incorrect Row Security Policy Application via Role Change
Jun 09, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-2454 HIGH
PostgreSQL >=11.0 <11.20 - Authenticated Remote Code Execution via schema_element
Jun 09, 2023
CVSS 7.2
EPSS 0.00
CVE-2023-32732 MEDIUM
gRPC < 1.53.0 - Denial of Service via Base64 Encoding Error in -bin Headers
Jun 09, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-29405 CRITICAL
GO < 1.19.10 - Injection
Jun 08, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-29404 CRITICAL
GO < 1.19.10 - Code Injection
Jun 08, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-29403 HIGH
GO < 1.19.10 - Exposure to Wrong Actor
Jun 08, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-29402 CRITICAL
Go - Code Injection
Jun 08, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-34969 MEDIUM
Freedesktop Dbus < 1.12.28 - Improper Resource Release
Jun 08, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-2603 HIGH
libcap < 2.69 - Integer Overflow in _libcap_strdup()
Jun 06, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-2602 LOW
libcap - Use-After-Free in pthread_create
Jun 06, 2023
CVSS 3.3
EPSS 0.00
CVE-2023-33460 MEDIUM
yajl 2.1.0 - Memory Leak via yajl_tree_parse Function
Jun 06, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-3079 HIGH KEV
Google Chrome <114.0.5735.110 - Heap Corruption
Jun 05, 2023
CVSS 8.8
EPSS 0.02
CVE-2023-34410 MEDIUM
Debian Linux < 5.15.15 - Improper Certificate Validation
Jun 05, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-34153 HIGH
ImageMagick < 7.1.1-11 - OS Command Injection via video:vsync or video:pixel-format Options
May 30, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-34152 CRITICAL
ImageMagick - Remote Code Execution via OpenBlob Pipe Handling
May 30, 2023
CVSS 9.8
EPSS 0.69
CVE-2023-34151 MEDIUM
ImageMagick < 7.1.1-11 - Integer Overflow in SVG and MVG Coders
May 30, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-28322 LOW
curl < 8.1.0 - Information Disclosure via Reused Handle PUT-to-POST Transition
May 26, 2023
CVSS 3.7
EPSS 0.01
CVE-2023-28321 MEDIUM
curl < 8.1.0 - Improper Certificate Validation via Wildcard Pattern Matching
May 26, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-32681 MEDIUM
Requests 2.3.0-2.31.0 - Proxy-Authorization Header Leak via HTTPS Redirect
May 26, 2023
CVSS 6.1
EPSS 0.06
CVE-2023-2283 MEDIUM
libssh 0.9.1-0.9.6 - Authentication Bypass via pki_verify_data_signature Memory Allocation Error
May 26, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-22970 HIGH
Bottles < 51.0 - Remote Code Execution via YAML Load
May 26, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-1981 MEDIUM
avahi - Denial of Service via D-Bus Call
May 26, 2023
CVSS 5.5
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV