fedoraproject

5,420 tracked vulnerabilities.

CVE-2024-35947 MEDIUM
Linux Kernel < 4.19.314 - Denial of Service via dyndbg Control Parser
May 19, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-36048 CRITICAL
Qt <5.15.17, <6.2.13, <6.3-6.5.<6.5.6, <6.6-6.7.<6.7.1 - Info Discl...
May 18, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-31142 HIGH
Xen < 4.15.6 - Protection Mechanism Failure in XSA-407 and XSA-434 Mitigation
May 16, 2024
CVSS 7.5
EPSS 0.03
CVE-2024-4950 MEDIUM
Google Chrome < 125.0.6422.60 - UI Spoofing via Crafted HTML Page
May 15, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-4949 MEDIUM
Google Chrome <125.0.6422.60 - Use After Free
May 15, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-4948 MEDIUM
Google Chrome <125.0.6422.60 - Use After Free
May 15, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-4947 CRITICAL KEV
Google Chrome < 125.0.6422.60 - Remote Code Execution via V8 Type Confusion
May 15, 2024
CVSS 9.6
EPSS 0.01
CVE-2024-3044 MEDIUM
LibreOffice < 7.6.7.1 - Unauthenticated Remote Code Execution via Graphic On-Click Script Binding
May 14, 2024
CVSS 6.5
EPSS 0.02
CVE-2024-32465 HIGH
Git < 2.39.4 - Path Traversal via Untrusted Repository Archive
May 14, 2024
CVSS 7.3
EPSS 0.00
CVE-2024-32021 LOW
Git <2.45.1-2.39.4 - Info Disclosure
May 14, 2024
CVSS 3.9
EPSS 0.00
CVE-2024-32020 LOW
Git <2.45.1-2.39.4 - Info Disclosure
May 14, 2024
CVSS 3.9
EPSS 0.00
CVE-2024-32004 HIGH
Git <2.45.1 - Remote Code Execution via Crafted Repository Clone
May 14, 2024
CVSS 8.1
EPSS 0.03
CVE-2024-4761 HIGH KEV
Google Chrome < 124.0.6367.207 - Out-of-bounds Write in V8
May 14, 2024
CVSS 8.8
EPSS 0.03
CVE-2024-4855 LOW
Wireshark 3.6.0-3.6.22 and 4.0.0-4.0.14 and 4.2.0-4.2.4 - Use-After-Free via Crafted Capture File
May 14, 2024
CVSS 3.6
EPSS 0.00
CVE-2024-4854 MEDIUM
Fedora < 3.6.22 - Infinite Loop
May 14, 2024
CVSS 6.4
EPSS 0.00
CVE-2024-4853 LOW
Wireshark 3.6.0-3.6.22 and 4.0.0-4.0.14 and 4.2.0-4.2.4 - Denial of Service via Crafted Capture File
May 14, 2024
CVSS 3.6
EPSS 0.00
CVE-2024-4671 CRITICAL KEV
Google Chrome < 124.0.6367.201 - Use-After-Free in Visuals
May 14, 2024
CVSS 9.6
EPSS 0.00
CVE-2024-34340 CRITICAL
Cacti < 1.2.27 - Type Juggling Authentication Bypass via Loose MD5 Comparison
May 14, 2024
CVSS 9.1
EPSS 0.01
CVE-2024-31460 MEDIUM
Cacti < 1.2.27 - SQL Injection via automation_tree_rules.php
May 14, 2024
CVSS 6.5
EPSS 0.02
CVE-2024-31459 HIGH
Cacti < 1.2.27 - Remote Code Execution via Plugin Hook File Inclusion
May 14, 2024
CVSS 8.0
EPSS 0.02
CVE-2024-31458 MEDIUM
Cacti < 1.2.27 - SQL Injection via form_save() Function
May 14, 2024
CVSS 4.6
EPSS 0.06
CVE-2024-31445 HIGH
Cacti < 1.2.27 - Authenticated SQL Injection via api_automation.php filter Parameter
May 14, 2024
CVSS 8.8
EPSS 0.39
CVE-2024-31444 MEDIUM
Cacti < 1.2.27 - Stored Cross-Site Scripting via automation_tree_rules_form_save
May 14, 2024
CVSS 4.6
EPSS 0.09
CVE-2024-31443 MEDIUM
Cacti < 1.2.27 - Stored Cross-Site Scripting via form_save() Data Handling
May 14, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-29894 MEDIUM
Cacti < 1.2.27 - Stored Cross-Site Scripting via Unescaped PHP Variables
May 14, 2024
CVSS 5.4
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV