fedoraproject

5,420 tracked vulnerabilities.

CVE-2021-45046 CRITICAL KEVNUCLEI
Apache Log4j < 2.12.2 - Remote Code Execution
Dec 14, 2021
CVSS 9.0
EPSS 0.94
CVE-2021-4104 HIGH
Apache Log4j 1.2 - Remote Code Execution via JMSAppender JNDI Requests
Dec 14, 2021
CVSS 7.5
EPSS 0.72
CVE-2021-43818 HIGH
lxml < 4.6.5 - Cross-Site Scripting via HTML Cleaner Bypass
Dec 13, 2021
CVSS 8.2
EPSS 0.05
CVE-2021-44847 CRITICAL
toxcore 0.1.9-0.1.11 and 0.2.0-0.2.12 - Stack-Based Buffer Overflow in DHT Packet Handling
Dec 13, 2021
CVSS 9.8
EPSS 0.04
CVE-2021-44228 CRITICAL KEVNUCLEI
Log4Shell HTTP Header Injection
Dec 10, 2021
CVSS 10.0
EPSS 0.94
CVE-2021-4048 CRITICAL
LAPACK < 3.10.0 - Out-of-bounds Read in CLARRV, DLARRV, SLARRV, and ZLARRV Functions
Dec 08, 2021
CVSS 9.1
EPSS 0.00
CVE-2021-44420 HIGH
Django <2.2.25-<3.2.10 - Auth Bypass
Dec 08, 2021
CVSS 7.3
EPSS 0.00
CVE-2021-44686 HIGH
calibre < 5.32.0 - Denial of Service via ReDoS in HTML Preprocessing
Dec 07, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-4069 HIGH
vim < 8.2.3741 - Use-After-Free
Dec 06, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-3984 HIGH
vim < 8.2.3625 - Heap-based Buffer Overflow
Dec 01, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-4019 HIGH
vim < 8.2.3669 - Heap-based Buffer Overflow
Dec 01, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-3802 MEDIUM
udisks < 2.9.4 - Denial of Service via Crafted Image File
Nov 29, 2021
CVSS 4.2
EPSS 0.00
CVE-2021-44225 MEDIUM
Keepalived <2.2.4 - Privilege Escalation
Nov 26, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-41270 MEDIUM
Symfony <4.4.35 and <5.3.12 - Code Injection
Nov 24, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-28709 HIGH
Xen 3.4.0-4.12.3 - Denial of Service via Partial P2M Update Handling
Nov 24, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-28705 HIGH
Xen 3.4.0-4.12.3 - Denial of Service via Partially Successful P2M Updates
Nov 24, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-28708 HIGH
Xen 4.7.0-4.15.0 - Denial of Service via PoD Operations on Misaligned GFNs
Nov 24, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-28707 HIGH
Xen 4.7.0-4.15.0 - Denial of Service via PoD Operations on Misaligned GFNs
Nov 24, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-28706 HIGH
Xen 3.2-4.12 - Memory Limit Bypass via 32-bit Overflow
Nov 24, 2021
CVSS 8.6
EPSS 0.00
CVE-2021-28704 HIGH
Xen 4.7.0-4.15.0 - Denial of Service via PoD Operations on Misaligned GFNs
Nov 24, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-38003 HIGH KEV
Google Chrome <95.0.4638.69 - Heap Corruption
Nov 23, 2021
CVSS 8.8
EPSS 0.63
CVE-2021-38002 CRITICAL
Google Chrome <95.0.4638.69 - Use After Free
Nov 23, 2021
CVSS 9.6
EPSS 0.01
CVE-2021-38001 HIGH
Google Chrome <95.0.4638.69 - Heap Corruption
Nov 23, 2021
CVSS 8.8
EPSS 0.26
CVE-2021-38000 MEDIUM KEV
Google Chrome <95.0.4638.69 - Open Redirect
Nov 23, 2021
CVSS 6.1
EPSS 0.04
CVE-2021-37999 MEDIUM
Google Chrome < 95.0.4638.69 - Cross-Site Scripting via New Tab Page
Nov 23, 2021
CVSS 6.1
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV