fedoraproject

5,420 tracked vulnerabilities.

CVE-2021-3656 HIGH
Linux Kernel 4.13-<4.14.245 - Missing Authorization in KVM SVM Nested Virtualization
Mar 04, 2022
CVSS 8.8
EPSS 0.00
CVE-2021-3575 HIGH
OpenJPEG < 2.4.0 - Heap-Based Buffer Overflow in sycc420_to_rgb
Mar 04, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-3744 MEDIUM
Linux Kernel < 5.15 - Use-After-Free in ccp_run_aes_gcm_cmd
Mar 04, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-3743 HIGH
Linux Kernel 5.14.1-5.16 - Out-of-Bounds Read in Qualcomm IPC Router Protocol
Mar 04, 2022
CVSS 7.1
EPSS 0.00
CVE-2021-23214 HIGH
PostgreSQL Certificate Authentication - SQL Injection via MITM
Mar 04, 2022
CVSS 8.1
EPSS 0.00
CVE-2021-3640 HIGH
Linux Kernel < 4.4.293 - Use-After-Free in sco_sock_sendmsg
Mar 03, 2022
CVSS 7.0
EPSS 0.00
CVE-2021-3638 MEDIUM
QEMU 4.0.0-6.0.0 - Out-of-bounds Write in ATI VGA Device Emulation
Mar 03, 2022
CVSS 6.5
EPSS 0.00
CVE-2021-4002 MEDIUM
Linux Kernel < 5.16 - Use-After-Free in hugetlbfs Memory Mapping
Mar 03, 2022
CVSS 4.4
EPSS 0.00
CVE-2021-3677 MEDIUM
PostgreSQL 11.0-11.12 - Authenticated Exposure of Sensitive Information via Crafted Query
Mar 02, 2022
CVSS 6.5
EPSS 0.00
CVE-2021-3658 MEDIUM
bluez < 5.61 - Incorrect Authorization via Discoverable Status Persistence
Mar 02, 2022
CVSS 6.5
EPSS 0.00
CVE-2021-3623 MEDIUM
libtpms < 0.6.5 - Out-of-bounds Write via TPM 2 Command Packet Processing
Mar 02, 2022
CVSS 6.1
EPSS 0.00
CVE-2021-3700 MEDIUM
usbredir < 0.11.0 - Use-After-Free in usbredirparser_serialize()
Feb 24, 2022
CVSS 6.4
EPSS 0.00
CVE-2021-3610 HIGH
ImageMagick < 7.0.11-14 - Heap-Based Buffer Overflow in ReadTIFFImage
Feb 24, 2022
CVSS 7.5
EPSS 0.00
CVE-2021-3608 MEDIUM
QEMU < 6.1.0 - Use-After-Free in VMWare Paravirtual RDMA Device
Feb 24, 2022
CVSS 6.0
EPSS 0.00
CVE-2021-3607 MEDIUM
QEMU < 6.1.0 - Denial of Service via PVRDMA_REG_DSRHIGH Write
Feb 24, 2022
CVSS 6.0
EPSS 0.00
CVE-2021-3596 MEDIUM
ImageMagick <7.0.10-31 - NULL Pointer Dereference
Feb 24, 2022
CVSS 6.5
EPSS 0.00
CVE-2021-26252 HIGH
htmldoc 1.9.12 - Heap Buffer Overflow in pspdf_prepare_page
Feb 24, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-25636 HIGH
LibreOffice 7.2.0-7.2.4 - Improper Certificate Validation via Manipulated KeyInfo Tag
Feb 24, 2022
CVSS 7.5
EPSS 0.00
CVE-2021-4115 MEDIUM
polkit - Unauthenticated Denial of Service via File Descriptor Exhaustion
Feb 21, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-44141 MEDIUM
Samba < 4.15.5 - Unauthenticated Exposure of Sensitive Information via SMB1 Symlink
Feb 21, 2022
CVSS 4.3
EPSS 0.00
CVE-2021-44142 HIGH
Samba < 4.13.17 - Out-of-bounds Read and Write via Extended File Attributes
Feb 21, 2022
CVSS 8.8
EPSS 0.36
CVE-2021-45083 HIGH
Cobbler < 3.3.1 - Unauthenticated Sensitive Information Exposure via World-Readable Configuration Files
Feb 20, 2022
CVSS 7.1
EPSS 0.00
CVE-2021-45082 HIGH
Cobbler < 3.3.1 - Remote Code Execution via Cheetah Template Import Bypass
Feb 19, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-4093 HIGH
Linux Kernel 5.11-5.14.15 - Out-of-bounds Read and Write via SEV-ES String I/O VMGEXIT
Feb 18, 2022
CVSS 8.8
EPSS 0.00
CVE-2021-3657 CRITICAL
isync < 1.4.4 - Remote Code Execution via Large IMAP Literal Handling
Feb 18, 2022
CVSS 9.8
EPSS 0.06
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV