fedoraproject

5,420 tracked vulnerabilities.

CVE-2023-28447 HIGH
Smarty < 3.1.48 and >=4.0.0 <4.3.1 - Cross-Site Scripting
Mar 28, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-0179 HIGH
Linux Kernel 5.5.0-5.10.164 - Local Privilege Escalation via Netfilter Buffer Overflow
Mar 27, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-1073 MEDIUM
Linux Kernel - Memory Corruption in HID Subsystem via Malicious USB Device
Mar 27, 2023
CVSS 6.6
EPSS 0.00
CVE-2023-0494 HIGH
X.Org X Server < 21.1.7 - Use-After-Free in DeepCopyPointerClasses
Mar 27, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-28686 HIGH
Dino <0.2.3, 0.3.x <0.3.2, 0.4.x <0.4.2 - Info Disclosure
Mar 24, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-28336 MEDIUM
Moodle 3.9.0-3.9.19 and 4.1.0-4.1.1 - Exposure of Sensitive Information via Grade Report History
Mar 23, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-28333 CRITICAL
moodle 3.9.0-3.9.19 and 4.1.0-4.1.1 - Code Injection via Mustache Pix Helper
Mar 23, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-1513 LOW
Linux Kernel < 6.2 - Information Disclosure via KVM_GET_DEBUGREGS Uninitialized Memory
Mar 23, 2023
CVSS 3.3
EPSS 0.00
CVE-2023-0056 MEDIUM
HAProxy - Denial of Service via Uncontrolled Resource Consumption
Mar 23, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-1544 MEDIUM
VMware's paravirtual RDMA - Memory Corruption
Mar 23, 2023
CVSS 6.0
EPSS 0.00
CVE-2023-1289 MEDIUM
ImageMagick < 7.1.1-0 - Denial of Service via Crafted SVG File
Mar 23, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-28439 MEDIUM
CKEditor4 4.0-4.20.2 - Stored Cross-Site Scripting in Iframe Dialog and Media Embed
Mar 22, 2023
CVSS 4.7
EPSS 0.01
CVE-2023-1534 HIGH
Google Chrome <111.0.5563.110 - Heap Corruption
Mar 21, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-1533 HIGH
Google Chrome <111.0.5563.110 - Use After Free
Mar 21, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-1532 HIGH
Google Chrome <111.0.5563.110 - Heap Corruption
Mar 21, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-1531 HIGH
Google Chrome <111.0.5563.110 - Use After Free
Mar 21, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-1530 HIGH
Google Chrome <111.0.5563.110 - Use After Free
Mar 21, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-1529 CRITICAL
Google Chrome <111.0.5563.110 - Memory Corruption
Mar 21, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-1528 HIGH
Google Chrome <111.0.5563.110 - Use After Free
Mar 21, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-1264 MEDIUM
vim < 9.0.1392 - NULL Pointer Dereference
Mar 07, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-25358 HIGH
webkitgtk < 2.36.8 - Remote Code Execution via Use-After-Free in RenderLayer::addChild
Mar 02, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-1127 HIGH
vim < 9.0.1367 - Divide By Zero
Mar 01, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-27320 HIGH
sudo < 1.9.13p2 - Use-After-Free in Per-Command Chroot Feature
Feb 28, 2023
CVSS 7.2
EPSS 0.00
CVE-2023-1055 MEDIUM
Red Hat Directory Server 11 and 12 - Sensitive Information Disclosure via UserPassword Attribute Misdirection
Feb 27, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-23916 MEDIUM
curl 7.57.0-7.87.0 - Denial of Service via HTTP Compression Header Chain
Feb 23, 2023
CVSS 6.5
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV