fedoraproject

5,420 tracked vulnerabilities.

CVE-2021-20322 HIGH
Linux Kernel < 5.14.21 - UDP Port Scan via ICMP Error Message Processing
Feb 18, 2022
CVSS 7.4
EPSS 0.00
CVE-2021-20320 MEDIUM
Linux Kernel - Exposure of Sensitive Information via s390 eBPF JIT Verifier Bypass
Feb 18, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-4120 HIGH
snapd < 2.54.3 - AppArmor Policy Rule Injection via Malformed Content Interface and Layout Declarations
Feb 17, 2022
CVSS 8.2
EPSS 0.00
CVE-2021-44731 HIGH
snapd < 2.54.3 - Local Privilege Escalation via Race Condition in snap-confine
Feb 17, 2022
CVSS 7.8
EPSS 0.01
CVE-2021-44730 HIGH
snapd < 2.54.3 - Privilege Escalation via Hardlink Attack on snap-confine Binary
Feb 17, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-3781 CRITICAL
Ghostscript - Command Execution via SAFER Sandbox Escape
Feb 16, 2022
CVSS 9.9
EPSS 0.06
CVE-2021-3773 CRITICAL
Linux Kernel < 5.14 - Exposure of Sensitive Information via netfilter
Feb 16, 2022
CVSS 9.8
EPSS 0.01
CVE-2021-3760 HIGH
Linux Kernel 4.0-4.4.289 - Use-After-Free in NFC Stack
Feb 16, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-3752 HIGH
Linux Kernel 2.6.12-4.4.293 - Use-After-Free via Bluetooth Socket Race Condition
Feb 16, 2022
CVSS 7.1
EPSS 0.00
CVE-2021-3578 HIGH
mbsync <1.3.6 and 1.4.2 - Code Execution via APPENDUID Heap Overflow
Feb 16, 2022
CVSS 7.8
EPSS 0.01
CVE-2021-3551 HIGH
dogtagpki 10.10.0-10.10.5 - Cleartext Storage of Sensitive Information in Installation Log File
Feb 16, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-45444 HIGH
zsh < 5.8.1 - Remote Code Execution via PROMPT_SUBST Expansion
Feb 14, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-41816 CRITICAL
CGI < 0.3.1 - Integer Overflow via Long String in escape_html
Feb 06, 2022
CVSS 9.8
EPSS 0.00
CVE-2021-40403 MEDIUM
Gerbv 2.7.0 and 2.8.0 - Information Disclosure via Pick-and-Place Rotation Parsing
Feb 04, 2022
CVSS 6.3
EPSS 0.00
CVE-2021-40401 HIGH
Gerbv 2.7.0 and 2.7.1 - Use-After-Free in RS-274X Aperture Definition Tokenization
Feb 04, 2022
CVSS 8.6
EPSS 0.00
CVE-2021-43859 HIGH
XStream <1.4.19 - DoS
Feb 01, 2022
CVSS 7.5
EPSS 0.02
CVE-2021-46669 HIGH
MariaDB < 10.2.44 - Use-After-Free via BIGINT Data Type Handling
Feb 01, 2022
CVSS 7.5
EPSS 0.00
CVE-2021-46668 MEDIUM
MariaDB 10.2.0-10.2.42 - Denial of Service via Long SELECT DISTINCT Statements
Feb 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-46667 MEDIUM
MariaDB < 10.2.41 - Denial of Service via Integer Overflow in sql_lex.cc
Feb 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-46665 MEDIUM
MariaDB 10.2.0-10.2.42 - Denial of Service via sql_parse.cc Used Tables Mismatch
Feb 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-46664 MEDIUM
MariaDB 10.2.0-10.2.42 - Denial of Service via NULL Value in sub_select_postjoin_aggr
Feb 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-46663 MEDIUM
MariaDB 10.2.41-10.2.42 - Denial of Service via SELECT Statement
Feb 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-46661 MEDIUM
MariaDB 10.2.0-10.2.42 - Denial of Service via Unused Common Table Expression
Feb 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-45079 CRITICAL
strongSwan < 5.9.5 - Unauthenticated EAP-Success Spoofing via Early Response
Jan 31, 2022
CVSS 9.1
EPSS 0.00
CVE-2021-46659 MEDIUM
MariaDB 5.5.0-10.2.41 - Denial of Service via SELECT_LEX::nest_level Mismanagement
Jan 29, 2022
CVSS 5.5
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV