fedoraproject

5,423 tracked vulnerabilities.

CVE-2021-41817 HIGH
ruby-lang/date < 2.0.1 - Regular Expression Denial of Service via Date.parse
Jan 01, 2022
CVSS 7.5
EPSS 0.03
CVE-2021-45943 MEDIUM
GDAL 3.3.0-3.4.0 - Heap-Based Buffer Overflow in PCIDSK File Reader
Jan 01, 2022
CVSS 5.5
EPSS 0.01
CVE-2021-45942 MEDIUM
OpenEXR 3.1.0-3.1.3 - Heap-Based Buffer Overflow in LineCompositeTask
Jan 01, 2022
CVSS 5.5
EPSS 0.02
CVE-2021-45931 MEDIUM
HarfBuzz 2.9.0 - Out-of-bounds Write in hb_bit_set_invertible_t::set
Jan 01, 2022
CVSS 6.5
EPSS 0.02
CVE-2021-45930 MEDIUM
Qt <5.15.2,6.2.1 - Buffer Overflow
Jan 01, 2022
CVSS 5.5
EPSS 0.01
CVE-2021-45958 MEDIUM
ultrajson < 5.2.0 - Stack-based Buffer Overflow via Indentation Handling
Jan 01, 2022
CVSS 5.5
EPSS 0.02
CVE-2021-4193 MEDIUM
vim < 8.2.3950 - Out-of-bounds Read
Dec 31, 2021
CVSS 5.5
EPSS 0.02
CVE-2021-4192 HIGH
vim < 8.2.3949 - Use-After-Free
Dec 31, 2021
CVSS 7.8
EPSS 0.02
CVE-2021-4190 HIGH
Wireshark 3.6.0 - Denial of Service via Kafka Dissector Excessive Iteration
Dec 30, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-4186 MEDIUM
Wireshark 3.4.0-3.4.10 - Denial of Service via Gryphon Dissector Packet Injection
Dec 30, 2021
CVSS 6.3
EPSS 0.02
CVE-2021-4185 HIGH
Wireshark 3.4.0-3.4.10 and 3.6.0 - Denial of Service via RTMPT Dissector Infinite Loop
Dec 30, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-4184 HIGH
Wireshark 3.4.0-3.4.10 and 3.6.0 - Denial of Service via BitTorrent DHT Dissector Infinite Loop
Dec 30, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-4183 MEDIUM
Wireshark 3.6.0 - Denial of Service in pcapng File Parser
Dec 30, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-4182 HIGH
Wireshark 3.4.0-3.4.10 and 3.6.0 - Denial of Service via RFC 7468 Dissector
Dec 30, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-4181 HIGH
Wireshark 3.4.0-3.4.10 - Denial of Service via Sysdig Event Dissector
Dec 30, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-4187 HIGH
vim < 8.2.3912 - Use-After-Free
Dec 29, 2021
CVSS 7.8
EPSS 0.02
CVE-2021-23727 HIGH
celery < 5.2.2 - Stored Command Injection via Backend Metadata Deserialization
Dec 29, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-44832 MEDIUM
Apache Log4j 2.0-beta7-2.17.0 - Remote Code Execution via JDBC Appender JNDI LDAP Data Source
Dec 28, 2021
CVSS 6.6
EPSS 0.98
CVE-2021-4173 HIGH
vim < 8.2.3902 - Use-After-Free
Dec 27, 2021
CVSS 7.8
EPSS 0.02
CVE-2021-4166 HIGH
vim < 8.2.3884 - Out-of-bounds Read
Dec 25, 2021
CVSS 7.1
EPSS 0.02
CVE-2021-45474 MEDIUM
MediaWiki < 1.37 - Cross-Site Scripting via Special:ImportFile clientUrl Parameter
Dec 24, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-45473 MEDIUM
MediaWiki <= 1.37 - Stored Cross-Site Scripting via Wikibase Item Descriptions
Dec 24, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-45472 MEDIUM
MediaWiki <= 1.37 - Cross-Site Scripting via Wikibase External Identifier URL Format
Dec 24, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-45471 MEDIUM
MediaWiki <= 1.37 - Authenticated Bypass of IP Block via EntitySchema Edit
Dec 24, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-3622 MEDIUM
hivex - Denial of Service via Recursive _get_children() Function Call
Dec 23, 2021
CVSS 4.3
EPSS 0.05