fedoraproject

5,420 tracked vulnerabilities.

CVE-2024-27834 MEDIUM
Safari < 17.5 - Pointer Authentication Bypass via Insecure Inherited Permissions
May 14, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-27401 HIGH
Linux Kernel 2.6.36-6.8.9 - Buffer Overflow via Firewire Packet Handling
May 14, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-27400 MEDIUM
Linux Kernel 5.15.149-5.16 - Use-After-Free in amdgpu_ttm_move()
May 14, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-27399 MEDIUM
Linux kernel - Null Pointer Dereference
May 14, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-27398 HIGH
Linux Kernel - Use After Free
May 14, 2024
CVSS 7.8
EPSS 0.01
CVE-2024-25641 CRITICAL
Cacti Import Packages RCE
May 14, 2024
CVSS 9.1
EPSS 0.88
CVE-2024-4559 MEDIUM
Google Chrome < 124.0.6367.155 - Heap-based Buffer Overflow in WebAudio
May 07, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-4558 CRITICAL
Google Chrome < 124.0.6367.155 - Use-After-Free in ANGLE via Crafted HTML Page
May 07, 2024
CVSS 9.6
EPSS 0.02
CVE-2024-34397 MEDIUM
GNOME GLib <2.78.5, 2.79.x, 2.80.x - Info Disclosure
May 07, 2024
CVSS 5.2
EPSS 0.00
CVE-2024-34069 HIGH
Werkzeug < 3.0.3 - Remote Code Execution via Debugger PIN Bypass
May 06, 2024
CVSS 7.5
EPSS 0.38
CVE-2024-34064 MEDIUM
Jinja < 3.1.4 - Cross-Site Scripting via xmlattr Filter Key Injection
May 06, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-34507 HIGH
MediaWiki <1.39.7, <1.40.3, <1.41.1 - XSS
May 05, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-34506 HIGH
MediaWiki <1.39.7, 1.40.x <1.40.3, 1.41.x <1.41.1 - DoS
May 05, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-34502 CRITICAL
MediaWiki <1.39.6-1.41.1 - Info Disclosure
May 05, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-34500 MEDIUM
MediaWiki <1.39.6, <1.40.2, <1.41.1 - XSS
May 05, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-34403 MEDIUM
uriparser < 0.9.7 - Integer Overflow via Long String in ComposeQueryMallocExMm
May 03, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-34402 HIGH
uriparser < 0.9.7 - Integer Overflow and Buffer Overflow via Long Query Keys or Values
May 03, 2024
CVSS 8.6
EPSS 0.01
CVE-2024-4140 HIGH
Email-MIME < 1.954 - Denial of Service via Excessive Memory Use in MIME Message Parsing
May 02, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-4216 HIGH
pgAdmin4 < 8.6 - Cross-Site Scripting via /settings/store API Response
May 02, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-4215 HIGH
pgAdmin4 < 8.6 - Multi-Factor Authentication Bypass
May 02, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-4368 HIGH
Google Chrome < 124.0.6367.118 - Use-After-Free in Dawn via Crafted HTML Page
May 01, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-4331 HIGH
Google Chrome < 124.0.6367.118 - Use-After-Free in Picture In Picture
May 01, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-4060 MEDIUM
Google Chrome <124.0.6367.78 - Use After Free
May 01, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-4059 MEDIUM
Google Chrome <124.0.6367.78 - Info Disclosure
May 01, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-4058 HIGH
Google Chrome <124.0.6367.78 - Heap Corruption
May 01, 2024
CVSS 8.8
EPSS 0.09
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV