fedoraproject

5,420 tracked vulnerabilities.

CVE-2024-32658 CRITICAL
FreeRDP < 3.5.1 - Out-of-bounds Read
Apr 23, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-31208 MEDIUM
Synapse < 1.105.1 - Denial of Service via V2 State Resolution Algorithm
Apr 23, 2024
CVSS 6.5
EPSS 0.03
CVE-2024-26922 MEDIUM
Linux Kernel 4.12-6.8.7 - Use-After-Free in DRM AMDGPU BO Mapping
Apr 23, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-32460 HIGH
FreeRDP <3.5.0-2.11.6 - Out-of-bounds read
Apr 22, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-32459 CRITICAL
FreeRDP <3.5.0, <2.11.6 - Memory Corruption
Apr 22, 2024
CVSS 9.8
EPSS 0.06
CVE-2024-32458 CRITICAL
FreeRDP <3.5.0-2.11.6 - Info Disclosure
Apr 22, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-32041 CRITICAL
FreeRDP <3.5.0-2.11.6 - Memory Corruption
Apr 22, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-32040 HIGH
FreeRDP <3.5.0-2.11.6 - Integer Underflow
Apr 22, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-32039 CRITICAL
FreeRDP <3.5.0-2.11.6 - Buffer Overflow
Apr 22, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-22640 HIGH
TCPDF <=6.6.5 - Regular Expression Denial of Service via Crafted HTML Color
Apr 19, 2024
CVSS 7.5
EPSS 0.02
CVE-2024-32462 HIGH
flatpak < 1.10.9, 1.12.9, 1.14.6, 1.15.8 - Sandbox Escape via Bubblewrap Argument Injection
Apr 18, 2024
CVSS 8.4
EPSS 0.00
CVE-2024-27306 MEDIUM
aiohttp < 3.9.4 - Cross-Site Scripting in Static File Index Pages
Apr 18, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-31585 MEDIUM
FFmpeg 5.1-6.1 - Denial of Service via Off-by-one Error in libavfilter/avf_showspectrum.c
Apr 17, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-31582 HIGH
FFmpeg 6.1 - Heap-based Buffer Overflow in draw_block_rectangle
Apr 17, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-31581 CRITICAL
FFmpeg n6.1 - Improper Validation of Array Index in libavcodec/cbs_h266_syntax_template.c
Apr 17, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-31031 HIGH
libcoap 4.3.4 - Integer Overflow in coap_pdu.c
Apr 17, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-3914 MEDIUM
Google Chrome < 124.0.6367.60 - Use-After-Free in V8
Apr 17, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-31578 HIGH
FFmpeg < 7.0 - Use-After-Free via av_hwframe_ctx_init
Apr 17, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-3847 MEDIUM
Google Chrome <124.0.6367.60 - Auth Bypass
Apr 17, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-3846 MEDIUM
Google Chrome < 124.0.6367.60 - UI Spoofing via Crafted HTML Page
Apr 17, 2024
CVSS 4.3
EPSS 0.02
CVE-2024-3845 MEDIUM
Google Chrome <124.0.6367.60 - CSRF
Apr 17, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-3844 MEDIUM
Google Chrome < 124.0.6367.60 - UI Spoofing via Crafted Chrome Extension
Apr 17, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-3843 MEDIUM
Google Chrome < 124.0.6367.60 - UI Spoofing via Crafted HTML Page
Apr 17, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-3841 MEDIUM
Google Chrome < 124.0.6367.60 - Script Injection via Browser Switcher
Apr 17, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-3840 HIGH
Google Chrome < 124.0.6367.60 - Navigation Restriction Bypass via Site Isolation Policy Enforcement
Apr 17, 2024
CVSS 7.5
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV