fedoraproject

5,420 tracked vulnerabilities.

CVE-2022-29500 HIGH
Slurm 20.11.x-21.08.x - Unauthenticated Information Disclosure via Incorrect Access Control
May 05, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-30292 CRITICAL
SQUIRREL 3.2 - Heap-based Buffer Overflow in sqbaselib.cpp
May 04, 2022
CVSS 10.0
EPSS 0.02
CVE-2022-20796 MEDIUM
ClamAV 0.103.4-0.103.5 and 0.104.1-0.104.2 - Authenticated Denial of Service via NULL Pointer Dereference
May 04, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-20785 HIGH
ClamAV < 0.103.5 and 0.104.0-0.104.2 - Use-After-Free in HTML File Parser
May 04, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-20771 HIGH
ClamAV < 0.103.5 and 0.104.0-0.104.2 - Denial of Service in TIFF File Parser
May 04, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-20770 HIGH
ClamAV < 0.103.5 and 0.104.0-0.104.2 - Unauthenticated Denial of Service in CHM File Parser
May 04, 2022
CVSS 8.6
EPSS 0.01
CVE-2022-28487 HIGH
Tcpreplay <4.4.1 - Memory Corruption
May 04, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-27470 HIGH
SDL_ttf <= 2.0.18 - Out-of-bounds Write via TTF_RenderText_Solid()
May 04, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-1292 HIGH
Siemens Brownfield Connectivity Gateway < 2.15 - OS Command Injection
May 03, 2022
CVSS 7.3
EPSS 0.41
CVE-2022-29824 MEDIUM
libxml2 < 2.9.14 - Integer Overflow via Buffer Handling Functions
May 03, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-29968 HIGH
Linux kernel <5.17.5 - Info Disclosure
May 02, 2022
CVSS 7.8
EPSS 0.02
CVE-2022-25844 MEDIUM
angularjs >=1.7.0 - Regular Expression Denial of Service via Custom Locale Rule
May 01, 2022
CVSS 5.3
EPSS 0.02
CVE-2022-0984 MEDIUM
Moodle 3.9.0-3.9.12 and 3.11.0-3.11.5 - Incorrect Authorization in Badge Criteria Configuration
Apr 29, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-1227 HIGH
Podman < 4.0.0 - Privilege Escalation via Malicious Image in 'podman top' Command
Apr 29, 2022
CVSS 8.8
EPSS 0.34
CVE-2022-1015 MEDIUM
Linux Kernel < 5.16.18 - Out-of-bounds Write in netfilter nf_tables_api
Apr 29, 2022
CVSS 6.6
EPSS 0.02
CVE-2022-29869 MEDIUM
cifs-utils <= 6.14 - Information Disclosure via Verbose Logging
Apr 28, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-24736 LOW
Redis <6.2.7 & <7.0.0 - NULL Pointer Dereference
Apr 27, 2022
CVSS 3.3
EPSS 0.02
CVE-2022-24735 LOW
Redis <7.0.0-6.2.7 - Code Injection
Apr 27, 2022
CVSS 3.9
EPSS 0.02
CVE-2022-1507 MEDIUM
chafa < 1.10.2 - Denial of Service via NULL Pointer Dereference in gif_internal_decode_frame
Apr 27, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-27239 HIGH
cifs-utils < 6.15 - Stack-based Buffer Overflow via mount.cifs ip Argument
Apr 27, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-24883 HIGH
FreeRDP < 2.7.0 - Improper Authentication via Invalid SAM File Path
Apr 26, 2022
CVSS 7.4
EPSS 0.01
CVE-2022-24882 CRITICAL
FreeRDP < 2.7.0 - Improper Authentication via Empty Password Handling
Apr 26, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-28506 MEDIUM
giflib 5.2.1 - Heap-Based Buffer Overflow in DumpScreen2RGB
Apr 25, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-27406 HIGH
FreeType < 2.12.0 - Out-of-bounds Read via FT_Request_Size
Apr 22, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-27405 HIGH
FreeType < 2.12.0 - Out-of-bounds Read via FNT_Size_Request
Apr 22, 2022
CVSS 7.5
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV