fedoraproject

5,420 tracked vulnerabilities.

CVE-2021-45931 MEDIUM
HarfBuzz 2.9.0 - Out-of-bounds Write in hb_bit_set_invertible_t::set
Jan 01, 2022
CVSS 6.5
EPSS 0.01
CVE-2021-45930 MEDIUM
Qt <5.15.2,6.2.1 - Buffer Overflow
Jan 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-45958 MEDIUM
ultrajson < 5.2.0 - Stack-based Buffer Overflow via Indentation Handling
Jan 01, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-4193 MEDIUM
vim < 8.2.3950 - Out-of-bounds Read
Dec 31, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-4192 HIGH
vim < 8.2.3949 - Use-After-Free
Dec 31, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-4190 HIGH
Wireshark 3.6.0 - Denial of Service via Kafka Dissector Excessive Iteration
Dec 30, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-4186 MEDIUM
Wireshark 3.4.0-3.4.10 - Denial of Service via Gryphon Dissector Packet Injection
Dec 30, 2021
CVSS 6.3
EPSS 0.00
CVE-2021-4185 HIGH
Wireshark 3.4.0-3.4.10 and 3.6.0 - Denial of Service via RTMPT Dissector Infinite Loop
Dec 30, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-4184 HIGH
Wireshark 3.4.0-3.4.10 and 3.6.0 - Denial of Service via BitTorrent DHT Dissector Infinite Loop
Dec 30, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-4183 MEDIUM
Wireshark 3.6.0 - Denial of Service in pcapng File Parser
Dec 30, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-4182 HIGH
Wireshark 3.4.0-3.4.10 and 3.6.0 - Denial of Service via RFC 7468 Dissector
Dec 30, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-4181 HIGH
Wireshark 3.4.0-3.4.10 - Denial of Service via Sysdig Event Dissector
Dec 30, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-4187 HIGH
vim < 8.2.3912 - Use-After-Free
Dec 29, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-23727 HIGH
celery < 5.2.2 - Stored Command Injection via Backend Metadata Deserialization
Dec 29, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-44832 MEDIUM
Apache Log4j 2.0-beta7-2.17.0 - Remote Code Execution via JDBC Appender JNDI LDAP Data Source
Dec 28, 2021
CVSS 6.6
EPSS 0.54
CVE-2021-4173 HIGH
vim < 8.2.3902 - Use-After-Free
Dec 27, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-4166 HIGH
vim < 8.2.3884 - Out-of-bounds Read
Dec 25, 2021
CVSS 7.1
EPSS 0.00
CVE-2021-45474 MEDIUM
MediaWiki < 1.37 - Cross-Site Scripting via Special:ImportFile clientUrl Parameter
Dec 24, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-45473 MEDIUM
MediaWiki <= 1.37 - Stored Cross-Site Scripting via Wikibase Item Descriptions
Dec 24, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-45472 MEDIUM
MediaWiki <= 1.37 - Cross-Site Scripting via Wikibase External Identifier URL Format
Dec 24, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-45471 MEDIUM
MediaWiki <= 1.37 - Authenticated Bypass of IP Block via EntitySchema Edit
Dec 24, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-3622 MEDIUM
hivex - Denial of Service via Recursive _get_children() Function Call
Dec 23, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-3621 HIGH
SSSD - OS Command Injection via sssctl logs-fetch and cache-expire Subcommands
Dec 23, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-4024 MEDIUM
Podman <3.4.3 - gvproxy API Exposure Allows Host-to-VM Port Forwarding
Dec 23, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-45469 HIGH
Linux Kernel < 5.15.11 - Out-of-bounds Read in F2FS Extended Attribute Handling
Dec 23, 2021
CVSS 7.8
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV