fedoraproject

5,420 tracked vulnerabilities.

CVE-2022-27920 MEDIUM
libkiwix 10.0.0-10.0.1 - Cross-Site Scripting via Search Suggestions URL Parameter
Mar 25, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-0995 HIGH
Watch Queue Out of Bounds Write
Mar 25, 2022
CVSS 7.8
EPSS 0.17
CVE-2022-0983 HIGH
moodle 3.9.0-3.9.12 and 3.11.0-3.11.5 - Authenticated SQL Injection in Badges Criteria Configuration
Mar 25, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-0500 HIGH
Linux Kernel 5.10-5.15.37 - Out-of-Bounds Memory Write via BPF_BTF_LOAD
Mar 25, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-0435 HIGH
Linux Kernel >=4.8 <4.9.301 - Stack Overflow in TIPC Protocol
Mar 25, 2022
CVSS 8.8
EPSS 0.55
CVE-2022-0330 HIGH
Linux kernel's GPU i915 - Memory Corruption
Mar 25, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-0322 MEDIUM
Linux Kernel < 5.15 - Denial of Service via SCTP Buffer Overflow in sctp_make_strreset_req
Mar 25, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-24778 HIGH
imgcrypt < 1.1.4 - Incorrect Authorization via ManifestList Architecture Handling
Mar 25, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-27227 HIGH
PowerDNS <4.4.3-4.6.1 - Info Disclosure
Mar 25, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-24769 MEDIUM
Moby <20.10.14 - Privilege Escalation
Mar 24, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-0996 MEDIUM
389 Directory Server - Improper Authentication via Expired Password Bypass
Mar 23, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-0396 MEDIUM
BIND 9.16.11-9.16.26 and 9.17.0-9.18.0 - Denial of Service via CLOSE_WAIT Connection Exhaustion
Mar 23, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-27666 HIGH
Linux Kernel < 5.17 - Heap Buffer Overflow in IPsec ESP Transformation
Mar 23, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-1011 HIGH
Linux Kernel < 5.17 - Use-After-Free in FUSE Filesystem via write()
Mar 18, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-0547 CRITICAL
OpenVPN <2.4.13 or 2.5.7 - Auth Bypass
Mar 18, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-27191 HIGH
golang.org/x/crypto/ssh <0.0.0-20220314234659-1baeb1ce4c0b - DoS
Mar 18, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-24302 MEDIUM
paramiko < 2.10.1 - Information Disclosure via Race Condition in write_private_key_file
Mar 17, 2022
CVSS 5.9
EPSS 0.01
CVE-2022-24729 MEDIUM
CKEditor 4.0-4.17.2 - Denial of Service via Dialog Input Validator Regex
Mar 16, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-24728 MEDIUM
CKEditor 4 < 4.18.0 - Stored Cross-Site Scripting via HTML Sanitization Bypass
Mar 16, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-0778 HIGH
OpenSSL 1.0.2-1.0.2zc, 1.1.1-1.1.1m, 3.0.0-3.0.1 - Denial of Service via BN_mod_sqrt Infinite Loop
Mar 15, 2022
CVSS 7.5
EPSS 0.07
CVE-2022-0943 HIGH
vim < 8.2.4563 - Heap-based Buffer Overflow
Mar 14, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-20001 HIGH
fish 3.1.0-3.3.1 - Arbitrary Code Execution via Git Repository Configuration
Mar 14, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-23943 CRITICAL
Apache HTTP Server <2.4.52 - Memory Corruption
Mar 14, 2022
CVSS 9.8
EPSS 0.61
CVE-2022-22721 CRITICAL
Apache HTTP Server < 2.4.52 - Integer Overflow via Large Request Body Handling
Mar 14, 2022
CVSS 9.1
EPSS 0.13
CVE-2022-22720 CRITICAL
Apache HTTP Server < 2.4.52 - HTTP Request Smuggling via Inbound Connection Handling
Mar 14, 2022
CVSS 9.8
EPSS 0.27
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV