fedoraproject
5,423 tracked vulnerabilities.
CVE-2023-27320
HIGH
sudo < 1.9.13p2 - Use-After-Free in Per-Command Chroot Feature
Feb 28, 2023
CVSS 7.2
EPSS 0.02
CVE-2023-1055
MEDIUM
Red Hat Directory Server 11 and 12 - Sensitive Information Disclosure via UserPassword Attribute Misdirection
Feb 27, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-23916
MEDIUM
curl 7.57.0-7.87.0 - Denial of Service via HTTP Compression Header Chain
Feb 23, 2023
CVSS 6.5
EPSS 0.02
CVE-2023-26081
HIGH
Epiphany < 43.1 - Password Exfiltration via Autofill in Sandboxed Contexts
Feb 20, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-24329
HIGH
Python < 3.11.4 - URL Blocklist Bypass via Leading Blank Characters in urllib.parse
Feb 17, 2023
CVSS 7.5
EPSS 0.20
CVE-2023-0361
HIGH
GnuTLS - Timing Side-Channel in RSA ClientKeyExchange Handling
Feb 15, 2023
CVSS 7.4
EPSS 0.01
CVE-2023-0003
MEDIUM
Palo Alto Networks Cortex XSOAR - Info Disclosure
Feb 08, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-25193
HIGH
HarfBuzz < 6.0.0 - Denial of Service via O(n^2) Growth in Mark Attachment
Feb 04, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-25136
MEDIUM
OpenSSH 9.1 - Unauthenticated Double Free in KEX Algorithms Handling
Feb 03, 2023
CVSS 6.5
EPSS 0.90
CVE-2023-22809
HIGH
Sudoedit Extra Arguments Priv Esc
Jan 18, 2023
CVSS 7.8
EPSS 0.55
CVE-2023-22298
MEDIUM
pgAdmin 4 < 6.14 - Unauthenticated Open Redirect via Crafted URL
Jan 17, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-23589
MEDIUM
Tor < 0.4.7.13 - Protection Mechanism Failure in SafeSocks Option
Jan 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-23457
MEDIUM
UPX < 2022-11-23 - Denial of Service via Crafted Input File
Jan 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-23456
MEDIUM
UPX < 2022-11-24 - Heap-Based Buffer Overflow in PackTmt::pack()
Jan 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-22945
MEDIUM
MediaWiki GrowthExperiments < 1.39.0 - Incorrect Authorization in Mentor List Management
Jan 11, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-21538
HIGH
.NET - Denial of Service via Untrusted Data Deserialization
Jan 10, 2023
CVSS 7.5
EPSS 0.03
CVE-2023-22911
MEDIUM
MediaWiki < 1.35.9, 1.36.x-1.38.x < 1.38.5, 1.39.x < 1.39.1 - XSS via E-Widgets HTML Attribute
Jan 10, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-22909
MEDIUM
MediaWiki < 1.35.9, 1.36.x-1.38.x < 1.38.5, 1.39.x < 1.39.1 - Denial of Service via SpecialMobileHistory
Jan 10, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-0049
HIGH
vim/vim <9.0.1143 - Info Disclosure
Jan 04, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-24810
MEDIUM
net-snmp < 5.9.2 - Authenticated Denial of Service via Malformed OID in nsVacmAccessTable
Apr 16, 2024
CVSS 6.5
EPSS 0.01
CVE-2022-24809
MEDIUM
net-snmp < 5.9.2 - Authenticated Denial of Service via Malformed OID in GET-NEXT Request
Apr 16, 2024
CVSS 6.5
EPSS 0.01
CVE-2022-24808
MEDIUM
net-snmp < 5.9.2 - Authenticated NULL Pointer Dereference via Malformed OID in SET Request
Apr 16, 2024
CVSS 6.5
EPSS 0.01
CVE-2022-24807
MEDIUM
net-snmp < 5.9.2 - Authenticated Buffer Overflow via Malformed OID in SET Request
Apr 16, 2024
CVSS 6.5
EPSS 0.01
CVE-2022-24806
MEDIUM
net-snmp < 5.9.2 - Authenticated Improper Input Validation via Malformed OID SET Requests
Apr 16, 2024
CVSS 6.5
EPSS 0.01
CVE-2022-24805
MEDIUM
net-snmp < 5.9.2 - Authenticated Buffer Overflow in NET-SNMP-VACM-MIB INDEX Handling
Apr 16, 2024
CVSS 6.5
EPSS 0.01
Products
fedora 5,353
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 19
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1
Quick Filters