fedoraproject
5,420 tracked vulnerabilities.
CVE-2022-42916
HIGH
curl 7.77.0-7.85.0 - Cleartext Transmission of Sensitive Information via IDN Character Bypass
Oct 29, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-3725
MEDIUM
Wireshark 3.6.0-3.6.8 - Denial of Service via OPUS Protocol Dissector
Oct 27, 2022
CVSS 6.3
EPSS 0.00
CVE-2022-3705
MEDIUM
vim < 9.0.0805 - Use-After-Free in quickfix.c autocmd Handler
Oct 26, 2022
CVSS 5.0
EPSS 0.00
CVE-2022-39286
HIGH
Jupyter Core <4.11.2 - Code Injection
Oct 26, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-43680
HIGH
libexpat < 2.4.9 - Use-After-Free in XML_ExternalEntityParserCreate
Oct 24, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-3640
MEDIUM
Linux Kernel 4.9.326-4.9.333 - Use-After-Free in Bluetooth L2CAP Connection Deletion
Oct 21, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-37454
CRITICAL
Keccak XKCP SHA-3 Reference Implementation - Integer Overflow and Buffer Overflow in Sponge Function Interface
Oct 21, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-3620
MEDIUM
Exim 4.95-4.96 - Use-After-Free in DMARC Handler
Oct 20, 2022
CVSS 5.6
EPSS 0.01
CVE-2022-41742
HIGH
NGINX Open Source < 1.23.2 and 1.22.1 - Out-of-bounds Write in ngx_http_mp4_module
Oct 19, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-41741
HIGH
NGINX <1.23.2-1.22.1 - Memory Corruption
Oct 19, 2022
CVSS 7.0
EPSS 0.01
CVE-2022-39260
HIGH
Git < 2.30.6 - Remote Code Execution via Git Shell Argument Array Overflow
Oct 19, 2022
CVSS 8.5
EPSS 0.02
CVE-2022-39253
MEDIUM
Git < 2.30.6 - Unauthenticated Sensitive Information Exposure via Malicious Symbolic Link in Local Clone
Oct 19, 2022
CVSS 5.5
EPSS 0.03
CVE-2022-39399
LOW
Oracle GraalVM 20.3.7, 21.3.3, 22.2.0 - Unauthenticated Data Manipulation via HTTP
Oct 18, 2022
CVSS 3.7
EPSS 0.00
CVE-2022-21628
MEDIUM
Oracle GraalVM and Java SE - Unauthenticated Partial Denial of Service via Lightweight HTTP Server
Oct 18, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-21626
MEDIUM
Oracle GraalVM EE 20.3.7/21.3.3/22.2.0 & Java SE 8u341/8u345-perf/11.0.16.1 - DoS via HTTPS
Oct 18, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-21624
LOW
Oracle Java SE <19 - Unauthenticated RCE
Oct 18, 2022
CVSS 3.7
EPSS 0.00
CVE-2022-21619
LOW
Oracle GraalVM & Java SE Multiple Versions - Unauthenticated Data Manipulation
Oct 18, 2022
CVSS 3.7
EPSS 0.00
CVE-2022-21618
MEDIUM
Oracle Java SE <19 - Unauthenticated RCE
Oct 18, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-3517
HIGH
minimatch < 3.0.5 - Denial of Service via braceExpand Function
Oct 17, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-41751
HIGH
jhead 3.06.0.1 - OS Command Injection via JPEG Filename with -rgt50 Option
Oct 17, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-3559
MEDIUM
Exim < 4.97 - Use-After-Free in Regex Handler
Oct 17, 2022
CVSS 4.6
EPSS 0.00
CVE-2022-3165
MEDIUM
QEMU 6.1.0-7.0.0 - Denial of Service via VNC ClientCutText Message Integer Underflow
Oct 17, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-3551
LOW
X.org Server < 21.1.6 - Use-After-Free in ProcXkbGetKbdByName
Oct 17, 2022
CVSS 3.5
EPSS 0.01
CVE-2022-3550
MEDIUM
X.org Server < 21.1.6 - Buffer Overflow in _GetCountedString
Oct 17, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-2963
HIGH
jasper - Use-After-Free in cmdopts_parse
Oct 14, 2022
CVSS 7.5
EPSS 0.00
Products
fedora 5,351
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 18
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1