fedoraproject

5,420 tracked vulnerabilities.

CVE-2022-24439 HIGH
GitPython <3.1.30 - Remote Code Execution via Malicious Clone URL
Dec 06, 2022
CVSS 8.1
EPSS 0.69
CVE-2022-46391 MEDIUM
AWStats 7.0-7.8 - Cross-Site Scripting in Hostinfo Plugin via Net::XWhois Response
Dec 04, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-46149 MEDIUM
Cap'n Proto <0.7.1, <0.8.1, <0.9.2, <0.10.3 - Memory Corruption
Nov 30, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-4172 MEDIUM
QEMU - Buffer Overflow in ACPI ERST Device via read_erst_record() and write_erst_record()
Nov 29, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-4144 MEDIUM
QEMU < 7.1.0 - Out-of-bounds Read in QXL Display Device Emulation
Nov 29, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-4129 MEDIUM
Linux Layer 2 Tunneling Protocol < 6.0 - Denial of Service via Race Condition in sk_user_data Locking
Nov 28, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-45939 HIGH
GNU Emacs <= 28.2 - OS Command Injection via ctags Source-Code Filename
Nov 28, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-45934 HIGH
Linux Kernel 2.6.32-4.9.337 - Integer Overflow via L2CAP Configuration Request
Nov 27, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-45152 CRITICAL
Moodle < 3.9.18 - Server-Side Request Forgery via LTI Provider Library
Nov 25, 2022
CVSS 9.1
EPSS 0.00
CVE-2022-39346 LOW
Nextcloud Server < 22.2.10 - Denial of Service via Uncontrolled Display Name Length
Nov 25, 2022
CVSS 3.5
EPSS 0.02
CVE-2022-4141 HIGH
vim < 9.0.0946 - Heap-based Buffer Overflow via CTRL-W gf in Substitute Command
Nov 25, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-45873 MEDIUM
systemd 250-251 - Local Denial of Service via Coredump Deadlock
Nov 23, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-44789 HIGH
Artifex MuJS 1.0.0-1.3.x - Remote Code Execution via Crafted JavaScript File
Nov 23, 2022
CVSS 8.8
EPSS 0.03
CVE-2022-45866 MEDIUM
qpress < 11.3 - Path Traversal via .. in .qp File
Nov 23, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-45151 MEDIUM
Moodle 3.11.0-3.11.10 - Stored Cross-Site Scripting in User Profile Fields
Nov 23, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-45150 MEDIUM
Moodle 3.9.0-3.9.17 - Reflected Cross-Site Scripting in Policy Tool
Nov 23, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-45149 MEDIUM
Moodle 3.9.0-3.9.17 - Cross-Site Request Forgery via Course Redirect URL
Nov 23, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-3500 MEDIUM
keylime < 6.5.1 - Uncaught Exception Leading to Attestation Bypass
Nov 22, 2022
CVSS 5.1
EPSS 0.00
CVE-2022-36227 CRITICAL
libarchive <3.6.2 - Memory Corruption
Nov 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-39319 MEDIUM
FreeRDP < 2.9.0 - Out-of-bounds Read via urdbrc Channel
Nov 16, 2022
CVSS 4.6
EPSS 0.00
CVE-2022-39318 MEDIUM
FreeRDP < 2.9.0 - Denial of Service via urbdrc Channel Input Validation
Nov 16, 2022
CVSS 4.8
EPSS 0.00
CVE-2022-39317 MEDIUM
FreeRDP < 2.9.0 - Out-of-bounds Read in ZGFX Decoder
Nov 16, 2022
CVSS 4.6
EPSS 0.00
CVE-2022-41877 MEDIUM
FreeRDP < 2.9.0 - Out-of-Bounds Read via Drive Channel
Nov 16, 2022
CVSS 4.6
EPSS 0.00
CVE-2022-39347 LOW
FreeRDP < 2.9.0 - Path Traversal via Drive Channel
Nov 16, 2022
CVSS 2.6
EPSS 0.00
CVE-2022-39320 MEDIUM
FreeRDP < 2.9.0 - Out-of-bounds Read via USB Redirection
Nov 16, 2022
CVSS 5.5
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV