fedoraproject

5,423 tracked vulnerabilities.

CVE-2023-27320 HIGH
sudo < 1.9.13p2 - Use-After-Free in Per-Command Chroot Feature
Feb 28, 2023
CVSS 7.2
EPSS 0.02
CVE-2023-1055 MEDIUM
Red Hat Directory Server 11 and 12 - Sensitive Information Disclosure via UserPassword Attribute Misdirection
Feb 27, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-23916 MEDIUM
curl 7.57.0-7.87.0 - Denial of Service via HTTP Compression Header Chain
Feb 23, 2023
CVSS 6.5
EPSS 0.02
CVE-2023-26081 HIGH
Epiphany < 43.1 - Password Exfiltration via Autofill in Sandboxed Contexts
Feb 20, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-24329 HIGH
Python < 3.11.4 - URL Blocklist Bypass via Leading Blank Characters in urllib.parse
Feb 17, 2023
CVSS 7.5
EPSS 0.20
CVE-2023-0361 HIGH
GnuTLS - Timing Side-Channel in RSA ClientKeyExchange Handling
Feb 15, 2023
CVSS 7.4
EPSS 0.01
CVE-2023-0003 MEDIUM
Palo Alto Networks Cortex XSOAR - Info Disclosure
Feb 08, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-25193 HIGH
HarfBuzz < 6.0.0 - Denial of Service via O(n^2) Growth in Mark Attachment
Feb 04, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-25136 MEDIUM
OpenSSH 9.1 - Unauthenticated Double Free in KEX Algorithms Handling
Feb 03, 2023
CVSS 6.5
EPSS 0.90
CVE-2023-22809 HIGH
Sudoedit Extra Arguments Priv Esc
Jan 18, 2023
CVSS 7.8
EPSS 0.55
CVE-2023-22298 MEDIUM
pgAdmin 4 < 6.14 - Unauthenticated Open Redirect via Crafted URL
Jan 17, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-23589 MEDIUM
Tor < 0.4.7.13 - Protection Mechanism Failure in SafeSocks Option
Jan 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-23457 MEDIUM
UPX < 2022-11-23 - Denial of Service via Crafted Input File
Jan 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-23456 MEDIUM
UPX < 2022-11-24 - Heap-Based Buffer Overflow in PackTmt::pack()
Jan 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-22945 MEDIUM
MediaWiki GrowthExperiments < 1.39.0 - Incorrect Authorization in Mentor List Management
Jan 11, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-21538 HIGH
.NET - Denial of Service via Untrusted Data Deserialization
Jan 10, 2023
CVSS 7.5
EPSS 0.03
CVE-2023-22911 MEDIUM
MediaWiki < 1.35.9, 1.36.x-1.38.x < 1.38.5, 1.39.x < 1.39.1 - XSS via E-Widgets HTML Attribute
Jan 10, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-22909 MEDIUM
MediaWiki < 1.35.9, 1.36.x-1.38.x < 1.38.5, 1.39.x < 1.39.1 - Denial of Service via SpecialMobileHistory
Jan 10, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-0049 HIGH
vim/vim <9.0.1143 - Info Disclosure
Jan 04, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-24810 MEDIUM
net-snmp < 5.9.2 - Authenticated Denial of Service via Malformed OID in nsVacmAccessTable
Apr 16, 2024
CVSS 6.5
EPSS 0.01
CVE-2022-24809 MEDIUM
net-snmp < 5.9.2 - Authenticated Denial of Service via Malformed OID in GET-NEXT Request
Apr 16, 2024
CVSS 6.5
EPSS 0.01
CVE-2022-24808 MEDIUM
net-snmp < 5.9.2 - Authenticated NULL Pointer Dereference via Malformed OID in SET Request
Apr 16, 2024
CVSS 6.5
EPSS 0.01
CVE-2022-24807 MEDIUM
net-snmp < 5.9.2 - Authenticated Buffer Overflow via Malformed OID in SET Request
Apr 16, 2024
CVSS 6.5
EPSS 0.01
CVE-2022-24806 MEDIUM
net-snmp < 5.9.2 - Authenticated Improper Input Validation via Malformed OID SET Requests
Apr 16, 2024
CVSS 6.5
EPSS 0.01
CVE-2022-24805 MEDIUM
net-snmp < 5.9.2 - Authenticated Buffer Overflow in NET-SNMP-VACM-MIB INDEX Handling
Apr 16, 2024
CVSS 6.5
EPSS 0.01