fedoraproject

5,420 tracked vulnerabilities.

CVE-2022-48303 MEDIUM
GNU Tar <= 1.34 - Out-of-bounds Read in V7 Archive Header Parser
Jan 30, 2023
CVSS 5.5
EPSS 0.00
CVE-2022-4285 MEDIUM
binutils 2.35-2.39-6 - Denial of Service via Corrupt ELF Symbol Version Parsing
Jan 27, 2023
CVSS 5.5
EPSS 0.00
CVE-2022-47021 HIGH
opusfile 0.9-0.12 - Null Pointer Dereference in op_get_data and op_open1
Jan 20, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-47318 HIGH
ruby-git <v1.13.0 - Command Injection
Jan 17, 2023
CVSS 8.0
EPSS 0.00
CVE-2022-3592 MEDIUM
Samba 4.17.0-4.17.1 - Symbolic Link Following via SMB1 Unix Extensions or NFS
Jan 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-3437 MEDIUM
Samba 4.0.0-4.15.10 - Heap-based Buffer Overflow in GSSAPI DES/3DES Decryption
Jan 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-47927 MEDIUM
MediaWiki Credential Exposure via SQLite File Permissions
Jan 12, 2023
CVSS 5.5
EPSS 0.00
CVE-2022-4379 HIGH
Linux Kernel >=5.6 <5.10.177 - Use-After-Free in __nfs42_ssc_open
Jan 10, 2023
CVSS 7.5
EPSS 0.00
CVE-2022-46175 HIGH
json5 <1.0.2 and >=2.0.0 <2.2.2 - Prototype Pollution via __proto__ Key Parsing
Dec 24, 2022
CVSS 7.1
EPSS 0.44
CVE-2022-43551 HIGH
curl < 7.87.0 - Cleartext Transmission of Sensitive Information via HSTS Bypass
Dec 23, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-3109 HIGH
Debian Linux < 5.0.3 - NULL Pointer Dereference
Dec 16, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-46393 CRITICAL
Mbed TLS <2.28.2,3.x <3.3.0 - Buffer Overflow
Dec 15, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-46392 MEDIUM
Mbed TLS <2.28.2, <3.3.0 - Info Disclosure
Dec 15, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-4283 HIGH
X.Org X Server - Use-After-Free in XkbCopyNames via XkbGetKbdByName Request
Dec 14, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-46344 HIGH
X.Org X Server - Out-of-bounds Read in XIChangeProperty Request Handler
Dec 14, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-46343 HIGH
X.Org X Server - Use-After-Free in ScreenSaverSetAttributes Request Handler
Dec 14, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-46342 HIGH
X.Org X Server - Use-After-Free in XvdiSelectVideoNotify Request Handler
Dec 14, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-46341 HIGH
X.Org X Server - Out-of-bounds Write via XIPassiveUngrab Request Handler
Dec 14, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-46340 HIGH
X.Org X Server - Out-of-bounds Write in XTest Extension via GenericEvents
Dec 14, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-2601 HIGH
GRUB2 < 2.06 - Heap-based Buffer Overflow via Crafted PF2 Font
Dec 14, 2022
CVSS 8.6
EPSS 0.00
CVE-2022-4223 HIGH NUCLEI
pgAdmin 4 < 6.17 - Unauthenticated Remote Code Execution via External Utility Path Validation API
Dec 13, 2022
CVSS 8.8
EPSS 0.88
CVE-2022-4170 CRITICAL
rxvt-unicode - Remote Code Execution in Perl Background Extension
Dec 09, 2022
CVSS 9.8
EPSS 0.03
CVE-2022-41717 MEDIUM
Go Server < - Memory Corruption
Dec 08, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-4123 LOW
Podman - Path Traversal
Dec 08, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-4122 MEDIUM
Podman < 4.5.0 - Information Disclosure via Symlink Following in .containerignore and .dockerignore
Dec 08, 2022
CVSS 5.3
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV