fedoraproject
5,420 tracked vulnerabilities.
CVE-2022-39316
MEDIUM
FreeRDP < 2.9.0 - Out-of-bounds Read in ZGFX Decoder
Nov 16, 2022
CVSS 4.8
EPSS 0.00
CVE-2022-37290
MEDIUM
GNOME Nautilus 42.2 - Denial of Service via Pasted ZIP Archive
Nov 14, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-45188
HIGH
netatalk <= 3.1.13 - Heap-based Buffer Overflow via Crafted .appl File
Nov 12, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-41854
MEDIUM
SnakeYAML < 1.32 - Denial of Service via Stack Overflow in YAML Parser
Nov 11, 2022
CVSS 5.8
EPSS 0.00
CVE-2022-45063
CRITICAL
xterm < 375 - Remote Code Execution via Font Operations
Nov 10, 2022
CVSS 9.8
EPSS 0.18
CVE-2022-38023
HIGH
Netlogon RPC - Privilege Escalation
Nov 09, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-37967
HIGH
Windows Kerberos - Privilege Escalation
Nov 09, 2022
CVSS 7.2
EPSS 0.03
CVE-2022-37966
HIGH
Windows Kerberos <RC4-HMAC - Privilege Escalation
Nov 09, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-23824
MEDIUM
Xen - Information Disclosure via IBPB Branch Prediction
Nov 09, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-45062
CRITICAL
Xfce xfce4-settings <4.16.4-4.17.1 - Command Injection
Nov 09, 2022
CVSS 9.8
EPSS 0.04
CVE-2022-45061
HIGH
Python < 3.11.1 - Denial of Service via IDNA Decoder Quadratic Algorithm
Nov 09, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-45060
HIGH
Varnish Cache 5.x 6.x < 6.0.11 7.x < 7.1.2 7.2.x < 7.2.1 - HTTP Request Forgery via HTTP/2 Pseudo-Headers
Nov 09, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-45059
HIGH
Varnish Cache 7.x < 7.1.2 and 7.2.x < 7.2.1 - HTTP Request Smuggling via Hop-by-Hop Header Handling
Nov 09, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-3821
MEDIUM
systemd < 251 - Denial of Service via format_timespan() Off-by-one Error
Nov 08, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-39377
HIGH
sysstat 9.1.16-12.7.0 - Remote Code Execution via Buffer Size Overflow in sa_common.c
Nov 08, 2022
CVSS 7.0
EPSS 0.01
CVE-2022-42920
CRITICAL
Apache Commons BCEL < 6.6.0 - Arbitrary Bytecode Generation via Out-of-bounds Write
Nov 07, 2022
CVSS 9.8
EPSS 0.04
CVE-2022-42919
HIGH
Python 3.9.x < 3.9.16 and 3.10.x < 3.10.9 - Privilege Escalation via Pickle Deserialization
Nov 07, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-40284
HIGH
NTFS-3G < 2022.10.3 - Buffer Overflow via Crafted NTFS Metadata
Nov 06, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-44638
HIGH
pixman < 0.42.2 - Heap-Based Buffer Overflow via Integer Overflow in pixman_sample_floor_y
Nov 03, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-39379
LOW
Fluentd 1.13.2-1.15.2 - Unauthenticated Remote Code Execution via JSON Payload Deserialization
Nov 02, 2022
CVSS 3.1
EPSS 0.08
CVE-2022-42824
MEDIUM
Safari < 16.1 - Information Disclosure via Malicious Web Content
Nov 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-42823
HIGH
Safari < 16.1 - Remote Code Execution via Type Confusion
Nov 01, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-42799
MEDIUM
Safari < 16.1 - User Interface Spoofing via Malicious Website
Nov 01, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-3786
HIGH
OpenSSL 3.0.0-3.0.7 - Buffer Overflow in X.509 Certificate Name Constraint Checking
Nov 01, 2022
CVSS 7.5
EPSS 0.27
CVE-2022-3602
HIGH
OpenSSL 3.0.0-3.0.6 - Buffer Overflow in X.509 Certificate Name Constraint Checking
Nov 01, 2022
CVSS 7.5
EPSS 0.84
Products
fedora 5,351
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 18
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1