fedoraproject

5,420 tracked vulnerabilities.

CVE-2023-26081 HIGH
Epiphany < 43.1 - Password Exfiltration via Autofill in Sandboxed Contexts
Feb 20, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-24329 HIGH
Python < 3.11.4 - URL Blocklist Bypass via Leading Blank Characters in urllib.parse
Feb 17, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-0361 HIGH
GnuTLS - Timing Side-Channel in RSA ClientKeyExchange Handling
Feb 15, 2023
CVSS 7.4
EPSS 0.04
CVE-2023-0003 MEDIUM
Palo Alto Networks Cortex XSOAR - Info Disclosure
Feb 08, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-25193 HIGH
HarfBuzz < 6.0.0 - Denial of Service via O(n^2) Growth in Mark Attachment
Feb 04, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-25136 MEDIUM
OpenSSH 9.1 - Unauthenticated Double Free in KEX Algorithms Handling
Feb 03, 2023
CVSS 6.5
EPSS 0.88
CVE-2023-22809 HIGH
Sudoedit Extra Arguments Priv Esc
Jan 18, 2023
CVSS 7.8
EPSS 0.49
CVE-2023-22298 MEDIUM
pgAdmin 4 < 6.14 - Unauthenticated Open Redirect via Crafted URL
Jan 17, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-23589 MEDIUM
Tor < 0.4.7.13 - Protection Mechanism Failure in SafeSocks Option
Jan 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-23457 MEDIUM
UPX < 2022-11-23 - Denial of Service via Crafted Input File
Jan 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-23456 MEDIUM
UPX < 2022-11-24 - Heap-Based Buffer Overflow in PackTmt::pack()
Jan 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-22945 MEDIUM
MediaWiki GrowthExperiments < 1.39.0 - Incorrect Authorization in Mentor List Management
Jan 11, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-21538 HIGH
.NET - Denial of Service via Untrusted Data Deserialization
Jan 10, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-22911 MEDIUM
MediaWiki < 1.35.9, 1.36.x-1.38.x < 1.38.5, 1.39.x < 1.39.1 - XSS via E-Widgets HTML Attribute
Jan 10, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-22909 MEDIUM
MediaWiki < 1.35.9, 1.36.x-1.38.x < 1.38.5, 1.39.x < 1.39.1 - Denial of Service via SpecialMobileHistory
Jan 10, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-0049 HIGH
vim/vim <9.0.1143 - Info Disclosure
Jan 04, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-24810 MEDIUM
net-snmp < 5.9.2 - Authenticated Denial of Service via Malformed OID in nsVacmAccessTable
Apr 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2022-24809 MEDIUM
net-snmp < 5.9.2 - Authenticated Denial of Service via Malformed OID in GET-NEXT Request
Apr 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2022-24808 MEDIUM
net-snmp < 5.9.2 - Authenticated NULL Pointer Dereference via Malformed OID in SET Request
Apr 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2022-24807 MEDIUM
net-snmp < 5.9.2 - Authenticated Buffer Overflow via Malformed OID in SET Request
Apr 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2022-24806 MEDIUM
net-snmp < 5.9.2 - Authenticated Improper Input Validation via Malformed OID SET Requests
Apr 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2022-24805 MEDIUM
net-snmp < 5.9.2 - Authenticated Buffer Overflow in NET-SNMP-VACM-MIB INDEX Handling
Apr 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2022-4318 HIGH
cri-o < 1.26.0 - Arbitrary File Write via Environment Variable
Sep 25, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-48541 HIGH
ImageMagick 7.0.10-45 and 6.9.11-22 - Denial of Service via Memory Leak in 'identify -help' Command
Aug 22, 2023
CVSS 7.1
EPSS 0.01
CVE-2022-48065 MEDIUM
GNU Binutils < 2.40 - Use-After-Free in find_abstract_instance
Aug 22, 2023
CVSS 5.5
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV