fedoraproject
5,420 tracked vulnerabilities.
CVE-2022-31813
CRITICAL
Apache HTTP Server < 2.4.54 - Insufficient Verification of Data Authenticity via X-Forwarded-* Headers
Jun 09, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-30556
HIGH
Apache HTTP Server < 2.4.54 - Exposure of Sensitive Information via Buffer Length Mismanagement
Jun 09, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-30522
HIGH
Apache HTTP Server 2.4.53 - Denial of Service via mod_sed Large Input Transformation
Jun 09, 2022
CVSS 7.5
EPSS 0.10
CVE-2022-29404
HIGH
Apache HTTP Server < 2.4.53 - Denial of Service via Lua Script r:parsebody(0)
Jun 09, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-28615
CRITICAL
Apache HTTP Server <2.4.53 - Info Disclosure
Jun 09, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-28614
MEDIUM
Apache HTTP Server <2.4.53 - Memory Corruption
Jun 09, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-26377
HIGH
Apache HTTP Server 2.4.0-2.4.53 - HTTP Request Smuggling via mod_proxy_ajp
Jun 09, 2022
CVSS 7.5
EPSS 0.39
CVE-2022-26364
MEDIUM
Xen - Memory Corruption via Non-Coherent CPU Cache Mappings
Jun 09, 2022
CVSS 6.7
EPSS 0.00
CVE-2022-26363
MEDIUM
Xen - Insufficient Care with Non-Coherent Mappings
Jun 09, 2022
CVSS 6.7
EPSS 0.00
CVE-2022-26362
MEDIUM
Xen - Race Condition in Type Reference Acquisition
Jun 09, 2022
CVSS 6.4
EPSS 0.00
CVE-2022-31214
HIGH
Firejail 0.9.68 - Privilege Escalation
Jun 09, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-2000
HIGH
vim < 8.2.5063 - Out-of-bounds Write
Jun 09, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-1998
HIGH
Linux Kernel 5.10.46-5.10.97 - Use-After-Free in File System Notify
Jun 09, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-31030
MEDIUM
containerd < 1.5.13 - Uncontrolled Resource Consumption via ExecSync API
Jun 09, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-1996
CRITICAL
emicklei/go-restful <3.8.0 - Auth Bypass
Jun 08, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-24065
HIGH
cookiecutter <2.1.1 - Command Injection
Jun 08, 2022
CVSS 8.1
EPSS 0.02
CVE-2022-1708
HIGH
CRI-O <1.19.7 and >=1.24.0 <1.24.1 - Denial of Service via ExecSync Output Handling
Jun 07, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-32511
CRITICAL
jmespath.rb <1.6.1 - Info Disclosure
Jun 06, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-32250
HIGH
Linux Kernel 4.1-5.18.1 - Use-After-Free in nf_tables_api.c
Jun 02, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-31799
CRITICAL
Bottle < 0.12.20 - Denial of Service via Early Request Binding Error Handling
Jun 02, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-31783
MEDIUM
Liblouis 3.21.0 - Out-of-bounds Write in compileTranslationTable.c
Jun 02, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-27776
MEDIUM
curl < 7.83.0 - Credential Leak via HTTP Redirect to Different Port
Jun 02, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-1949
HIGH
389 Directory Server - Unauthenticated Access Control Bypass via Filter Mishandling
Jun 02, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-1789
MEDIUM
Linux Kernel < 5.8 - NULL Pointer Dereference via INVPCID Instruction with CR0.PG=0
Jun 02, 2022
CVSS 6.8
EPSS 0.00
CVE-2022-1942
HIGH
vim < 8.2.5043 - Heap-based Buffer Overflow
May 31, 2022
CVSS 7.8
EPSS 0.01
Products
fedora 5,351
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 18
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1