fedoraproject

5,420 tracked vulnerabilities.

CVE-2022-21253 MEDIUM
MySQL Server < 8.0.27 - Authenticated Denial of Service in Optimizer
Jan 19, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-21249 LOW
MySQL Server < 8.0.27 - Authenticated Partial Denial of Service in DDL Component
Jan 19, 2022
CVSS 2.7
EPSS 0.00
CVE-2022-21248 LOW
Oracle Java SE <17.0.1 - Serialization
Jan 19, 2022
CVSS 3.7
EPSS 0.00
CVE-2022-21245 MEDIUM
Oracle MySQL <8.0.27 - Privilege Escalation
Jan 19, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-21673 MEDIUM
Grafana 7.2.0-7.5.12 - Unauthorized Data Access via Forward OAuth Identity
Jan 18, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-23304 CRITICAL
hostapd and wpa_supplicant < 2.10 - Side-Channel Attack via EAP-pwd Cache Access Patterns
Jan 17, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-23303 CRITICAL
hostapd and wpa_supplicant < 2.10 - Side Channel Attack via SAE Cache Access Patterns
Jan 17, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-0238 MEDIUM
phoronix_test_suite < 10.8.0 - Cross-Site Request Forgery
Jan 16, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-23094 HIGH
Libreswan 4.2-4.5 - Denial of Service via Crafted IKEv1 Packet
Jan 15, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-21681 HIGH
marked < 4.0.10 - Denial of Service via Catastrophic Backtracking in ReflinkSearch Regex
Jan 14, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-21680 HIGH
marked < 4.0.10 - Regular Expression Denial of Service via Catastrophic Backtracking
Jan 14, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-23222 HIGH
Linux Kernel 5.8.0-5.15.14 - Local Privilege Escalation via BPF Verifier Pointer Arithmetic
Jan 14, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-21682 HIGH
Flatpak < 1.12.3 and < 1.10.6 - Path Traversal via --mirror-screenshots-url
Jan 13, 2022
CVSS 7.7
EPSS 0.00
CVE-2022-23134 LOW KEVNUCLEI
Zabbix 5.4.0-5.4.7 - Unauthenticated Improper Access Control in Setup.php
Jan 13, 2022
CVSS 3.7
EPSS 0.93
CVE-2022-23133 MEDIUM
Zabbix 5.0.0-5.0.17 - Authenticated Stored Cross-Site Scripting via Host Group Configuration
Jan 13, 2022
CVSS 6.3
EPSS 0.01
CVE-2022-23132 LOW
Zabbix 4.0.0-4.0.35 - Improper Access Control via SELinux DAC_OVERRIDE Capability
Jan 13, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-0197 HIGH
phoronix_test_suite < 10.8.0 - Cross-Site Request Forgery
Jan 13, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-0196 HIGH
phoronix_test_suite < 10.8.0 - Cross-Site Request Forgery
Jan 13, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-0173 MEDIUM
radare2 < 5.6.0 - Out-of-bounds Read
Jan 11, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-21668 HIGH
pipenv 2018.10.9-2022.1.8 - Remote Code Execution via Malicious Requirements File Comment
Jan 10, 2022
CVSS 8.0
EPSS 0.01
CVE-2022-0158 LOW
vim < 8.2.4049 - Heap-based Buffer Overflow
Jan 10, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-0157 MEDIUM
phoronix_test_suite < 10.8.0 - Cross-Site Scripting
Jan 10, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-0156 MEDIUM
vim < 8.2.4040 - Use-After-Free
Jan 10, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-21664 HIGH
WordPress < 5.8.3 - SQL Injection
Jan 06, 2022
CVSS 7.4
EPSS 0.04
CVE-2022-21663 MEDIUM
WordPress < 5.8.3 - Authenticated Object Injection via Multisite Super Admin Role
Jan 06, 2022
CVSS 6.6
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV