fedoraproject

5,420 tracked vulnerabilities.

CVE-2022-3278 MEDIUM
vim/vim <9.0.0552 - NULL Pointer Dereference
Sep 23, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-36944 CRITICAL
Scala 2.13.0-2.13.8 - Deserialization of Untrusted Data via Function0 Gadget Chain
Sep 23, 2022
CVSS 9.8
EPSS 0.68
CVE-2022-40188 HIGH
Knot Resolver < 5.5.3 - Denial of Service via Algorithmic Complexity
Sep 23, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-41322 HIGH
kitty < 0.26.2 - Remote Code Execution via Desktop Notification Escape Sequence
Sep 23, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-35951 HIGH
Redis 7.0.0-7.0.4 - Integer Overflow via XAUTOCLAIM COUNT Argument
Sep 23, 2022
CVSS 7.0
EPSS 0.37
CVE-2022-1941 HIGH
ProtocolBuffers <3.16.1-4.21.5 - DoS
Sep 22, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-3256 HIGH
vim < 9.0.0530 - Use-After-Free
Sep 22, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-3080 HIGH
BIND >=9.16.14 <9.16.33 - Denial of Service via Specific Queries
Sep 21, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-38178 HIGH
BIND >=9.9.12 <9.9.13 - Denial of Service via Malformed EdDSA Signature
Sep 21, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-38177 HIGH
BIND >=9.8.4 <9.16.32 - Use-After-Free via Malformed ECDSA Signature
Sep 21, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-2795 MEDIUM
DNS Resolver - DoS
Sep 21, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-35957 MEDIUM
Grafana <9.1.6, 8.5.13 - Privilege Escalation
Sep 20, 2022
CVSS 6.6
EPSS 0.01
CVE-2022-32886 HIGH
Safari < 16.0 - Out-of-bounds Write via Malicious Web Content
Sep 20, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-39958 HIGH
OWASP ModSecurity Core Rule Set 3.0.0-3.2.1 and 3.3.2 - Response Body Exfiltration via HTTP Range Header Bypass
Sep 20, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-39957 HIGH
OWASP ModSecurity Core Rule Set - Auth Bypass
Sep 20, 2022
CVSS 7.3
EPSS 0.01
CVE-2022-39956 HIGH
OWASP ModSecurity Core Rule Set 3.0.0-3.2.1 & 3.3.2 - Bypass via Character Encoding in MIME Headers
Sep 20, 2022
CVSS 7.3
EPSS 0.00
CVE-2022-39955 HIGH
OWASP ModSecurity Core Rule Set 3.0.0-3.2.1 and 3.3.2 - Rule Bypass via Multiple Charset Content-Type Header
Sep 20, 2022
CVSS 7.3
EPSS 0.01
CVE-2022-3213 MEDIUM
ImageMagick < 6.9.12-62 - Denial of Service via Malformed TIFF File
Sep 19, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-3235 HIGH
vim < 9.0.0490 - Use-After-Free
Sep 18, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-40768 MEDIUM
Linux Kernel < 5.19.9 - Information Disclosure via Uninitialized Memory in stex_queuecommand_lck
Sep 18, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-3234 HIGH
vim/vim <9.0.0483 - Buffer Overflow
Sep 17, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-30674 MEDIUM
Adobe InDesign <= 16.4.2 and <= 17.3 - Out-of-bounds Read via Malicious File
Sep 16, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-39209 HIGH
cmark-gfm < 0.29.0.gfm.6 - Denial of Service via Autolink Extension
Sep 15, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-40674 HIGH
libexpat < 2.4.9 - Use-After-Free in doContent Function
Sep 14, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-40673 HIGH
KDiskMark < 3.1.0 - Unauthenticated Missing Authorization via D-Bus Helper Methods
Sep 14, 2022
CVSS 7.8
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV