fedoraproject

5,420 tracked vulnerabilities.

CVE-2022-40626 MEDIUM
Zabbix 6.0.0-6.0.6 - Unauthenticated Reflected Cross-Site Scripting via Backurl Parameter
Sep 14, 2022
CVSS 4.8
EPSS 0.02
CVE-2022-38013 HIGH
.NET Core and Visual Studio - Denial of Service
Sep 13, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-3190 MEDIUM
Wireshark 3.4.0-3.4.15 and 3.6.0-3.6.7 - Denial of Service via F5 Ethernet Trailer Dissector Infinite Loop
Sep 13, 2022
CVSS 6.3
EPSS 0.00
CVE-2022-40320 HIGH
libconfuse 3.3 - Heap-Based Buffer Over-Read in cfg_tilde_expand
Sep 09, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-36087 MEDIUM
oauthlib 3.1.1-3.2.1 - Open Redirect via URI Validation Bypass
Sep 09, 2022
CVSS 5.7
EPSS 0.00
CVE-2022-36109 MEDIUM
Moby < 20.10.18 - Incorrect Authorization via Supplementary Group Manipulation
Sep 09, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-3169 MEDIUM
Linux Kernel - Denial of Service via NVME_IOCTL_RESET and NVME_IOCTL_SUBSYS_RESET
Sep 09, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-25765 HIGH
pdfkit < 0.8.7.2 - Command Injection via URL Parameter
Sep 09, 2022
CVSS 7.3
EPSS 0.89
CVE-2022-27664 HIGH
GO < 1.18.6 - Denial of Service
Sep 06, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-3123 MEDIUM
DokuWiki < 2022-07-31a - Reflected Cross-Site Scripting
Sep 05, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-39832 HIGH
PSPP 1.6.2 - Heap-Based Buffer Overflow in read_string Function
Sep 05, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-39831 HIGH
PSPP 1.6.2 - Heap-Based Buffer Overflow in read_bytes_internal
Sep 05, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-3099 HIGH
vim < 9.0.0360 - Use-After-Free
Sep 03, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-39170 HIGH
libdwarf 0.4.1 - Double Free in dwarf_frame.c
Sep 02, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-32743 HIGH
Samba 4.1.0-4.16.9 - Unauthenticated Incorrect Default Permissions via dNSHostName Attribute
Sep 01, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-1632 MEDIUM
Redhat Ansible Automation Platform - Improper Certificate Validation
Sep 01, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-1615 MEDIUM
Samba 4.1.0-4.16.9 - Use of Insufficiently Random Values via GnuTLS gnutls_rnd()
Sep 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-3028 HIGH
Linux Kernel 3.14-4.9.326 - Race Condition in XFRM Subsystem via xfrm_probe_algs
Aug 31, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-2153 MEDIUM
Linux Kernel < 5.18 - Denial of Service via KVM SynIC IRQ NULL Pointer Dereference
Aug 31, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-2132 HIGH
DPDK < 19.11 - Denial of Service via Crafted Vhost Header
Aug 31, 2022
CVSS 8.6
EPSS 0.01
CVE-2022-1355 MEDIUM
libtiff < 4.4.0 - Stack Buffer Overflow in tiffcp via Crafted TIFF File
Aug 31, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-1354 MEDIUM
libtiff < 4.4.0 - Denial of Service via Crafted TIFF File in TIFFReadRawDataStriped
Aug 31, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-1247 HIGH
Linux Kernel - Race Condition in rose_connect()
Aug 31, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-3037 HIGH
vim < 9.0.0322 - Use-After-Free
Aug 30, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-38784 HIGH
Poppler <= 22.08.0 - Integer Overflow in JBIG2 Decoder
Aug 30, 2022
CVSS 7.8
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV