fedoraproject

5,420 tracked vulnerabilities.

CVE-2022-27404 CRITICAL
FreeType < 2.12.0 - Heap Buffer Overflow in sfnt_init_face
Apr 22, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-1420 MEDIUM
vim < 8.2.4774 - Use-After-Free via Out-of-range Pointer Offset
Apr 21, 2022
CVSS 5.5
EPSS 0.01
CVE-2022-29536 HIGH
GNOME Epiphany < 41.4 and 42.x < 42.2 - Out-of-bounds Write via Long Page Title
Apr 20, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-28327 HIGH
Go <1.17.9, <1.18.1 - Panic
Apr 20, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-24675 HIGH
Go <1.17.9, <1.18.0 - Buffer Overflow
Apr 20, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-25648 HIGH
git < 1.11.0 - Command Injection via fetch Remote Parameter
Apr 19, 2022
CVSS 8.1
EPSS 0.06
CVE-2022-29153 HIGH NUCLEI
HashiCorp Consul <1.9.16-1.11.4 - SSRF
Apr 19, 2022
CVSS 7.5
EPSS 0.88
CVE-2022-27652 MEDIUM
cri-o < 1.24.0 - Incorrect Default Permissions
Apr 18, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-1381 HIGH
vim < 8.2.4763 - Heap-based Buffer Overflow in skip_range
Apr 18, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-1231 MEDIUM
PlantUML < 1.2022.4 - Stored Cross-Site Scripting via Embedded SVG in Diagram
Apr 15, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-28048 HIGH
stb v2.27 - Integer Shift of Invalid Size in stbi__jpeg_decode_block_prog_ac
Apr 15, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-28042 HIGH
stb_image.h v2.27 - Use-After-Free in stbi__jpeg_huff_decode
Apr 15, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-28041 MEDIUM
stb_image.h v2.27 - Denial of Service via Integer Overflow in stbi__jpeg_decode_block_prog_dc
Apr 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-1328 MEDIUM
mutt 0.94.13-2.2.3 - Buffer Overflow in uudecoder
Apr 14, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-1304 HIGH
e2fsprogs 1.46.5 - Out-of-bounds Read and Write via Crafted Filesystem
Apr 14, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-24828 HIGH
Composer < 1.10.26 - Command Injection via VcsDriver getFileContent
Apr 13, 2022
CVSS 8.3
EPSS 0.00
CVE-2022-24765 MEDIUM
Git for Windows < 2.35.2 - Uncontrolled Search Path Element via Git Directory Search
Apr 12, 2022
CVSS 6.0
EPSS 0.00
CVE-2022-24070 HIGH
Subversion mod_dav_svn <1.14.1 - Memory Corruption
Apr 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-24836 HIGH
Nokogiri < 1.13.4 - Inefficient Regular Expression Complexity in HTML Encoding Detection
Apr 11, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-28805 CRITICAL
Lua 5.4.0-5.4.3 - Heap-Based Buffer Over-Read in lparser.c singlevar
Apr 08, 2022
CVSS 9.1
EPSS 0.00
CVE-2022-28796 HIGH
Linux kernel <5.17.1 - Use After Free
Apr 08, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-26361 HIGH
Xen - IOMMU Memory Corruption via RMRR and Unity Map Handling
Apr 05, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-26360 HIGH
Xen - IOMMU Memory Corruption via RMRR and Unity Map Handling
Apr 05, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-26359 HIGH
Xen - IOMMU Memory Corruption via RMRR and Unity Map Handling
Apr 05, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-26358 HIGH
Xen - IOMMU Memory Corruption via RMRR and Unity Map Handling
Apr 05, 2022
CVSS 7.8
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV