fedoraproject

5,420 tracked vulnerabilities.

CVE-2022-0413 HIGH
vim < 8.2.4253 - Use-After-Free
Jan 30, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-0408 HIGH
vim < 8.2.4247 - Stack-based Buffer Overflow
Jan 30, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-24122 HIGH
Linux kernel <5.16.4 - Privilege Escalation
Jan 29, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-23598 MEDIUM
laminas-form < 2.17.1 and 3.1.0 - Cross-Site Scripting in formElementErrors View Helper
Jan 28, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-0393 HIGH
vim < 8.2.4233 - Out-of-bounds Read
Jan 28, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-23990 HIGH
libexpat < 2.4.4 - Integer Overflow in doProlog Function
Jan 26, 2022
CVSS 7.5
EPSS 0.04
CVE-2022-23959 CRITICAL
Varnish Cache HTTP Request Smuggling (6.6.2, 7.0.2, 6.0.10, 4.1.11r6, 6.0.9r4)
Jan 26, 2022
CVSS 9.1
EPSS 0.00
CVE-2022-23035 MEDIUM
Xen >=4.6.0 - Use-After-Free in Passed-Through Device IRQ Cleanup
Jan 25, 2022
CVSS 4.6
EPSS 0.00
CVE-2022-23034 MEDIUM
Xen 3.2.0-4.12.x - Denial of Service via Grant Mapping Reference Count Underflow
Jan 25, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-23033 HIGH
Xen >=4.12.0 - Improper Resource Shutdown or Release in p2m Mapping Removal
Jan 25, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-21658 HIGH
Rust 1.0.0-1.58.0 - Time-of-check Time-of-use Race Condition in std::fs::remove_dir_all
Jan 20, 2022
CVSS 7.3
EPSS 0.01
CVE-2022-21699 HIGH
IPython < 5.10.0 - Arbitrary Code Execution via Cross-User Temporary File Mismanagement
Jan 19, 2022
CVSS 8.2
EPSS 0.01
CVE-2022-21339 MEDIUM
MySQL Server < 8.0.27 - Authenticated Denial of Service in Optimizer
Jan 19, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-21304 MEDIUM
MySQL Server < 5.7.36 and 8.0.27 - Authenticated Denial of Service in Parser
Jan 19, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-21303 MEDIUM
MySQL Server <= 5.7.36 and <= 8.0.27 - Authenticated Denial of Service in Stored Procedure
Jan 19, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-21302 MEDIUM
MySQL Server < 8.0.27 - Authenticated Denial of Service in InnoDB
Jan 19, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-21301 MEDIUM
MySQL Server <= 8.0.27 - Authenticated Denial of Service and Data Manipulation via DML
Jan 19, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-21293 MEDIUM
Oracle GraalVM and JDK - Unauthenticated Partial Denial of Service via Multiple Protocols
Jan 19, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-21291 MEDIUM
Oracle GraalVM 20.3.4 and 21.3.0 - Unauthenticated Data Manipulation via Hotspot Component
Jan 19, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-21283 MEDIUM
Oracle GraalVM 20.3.4, 21.3.0 & Java SE 11.0.13, 17.0.1 - Partial DoS via Multiple Protocols
Jan 19, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-21270 MEDIUM
MySQL Server <= 5.7.36 and <= 8.0.27 - Authenticated Denial of Service in Federated Component
Jan 19, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-21265 LOW
MySQL Server < 8.0.27 - Authenticated Partial Denial of Service and Data Manipulation via Optimizer
Jan 19, 2022
CVSS 3.8
EPSS 0.00
CVE-2022-21264 MEDIUM
MySQL Server < 8.0.27 - Authenticated Denial of Service in Optimizer
Jan 19, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-21256 MEDIUM
MySQL Server < 8.0.27 - Authenticated Denial of Service in Group Replication Plugin
Jan 19, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-21254 MEDIUM
MySQL Server < 8.0.27 - Authenticated Denial of Service in Optimizer
Jan 19, 2022
CVSS 5.3
EPSS 0.01
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV