fedoraproject

5,420 tracked vulnerabilities.

CVE-2024-2955 HIGH
Wireshark 4.0.0-4.0.13 and 4.2.0-4.2.3 - Denial of Service via T.38 Dissector
Mar 26, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-29133 MEDIUM
Apache Commons Configuration 2.0-2.10.0 - Out-of-bounds Write
Mar 21, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-29131 HIGH
Apache Commons Configuration 2.0-2.10.0 - Out-of-bounds Write
Mar 21, 2024
CVSS 7.3
EPSS 0.00
CVE-2024-2631 MEDIUM
Google Chrome < 123.0.6312.58 - UI Spoofing via Crafted HTML Page
Mar 20, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-2630 MEDIUM
Google Chrome <123.0.6312.58 - Info Disclosure
Mar 20, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-2629 MEDIUM
Google Chrome <123.0.6312.58 - CSRF
Mar 20, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-2628 MEDIUM
Google Chrome < 123.0.6312.58 - UI Spoofing via Crafted URL
Mar 20, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-2627 HIGH
Google Chrome <123.0.6312.58 - Use After Free
Mar 20, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-2626 MEDIUM
Google Chrome <123.0.6312.58 - Memory Corruption
Mar 20, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-2625 HIGH
Google Chrome <123.0.6312.58 - Info Disclosure
Mar 20, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-2002 HIGH
libdwarf >=0.1.0 <0.9.2 - Double Free
Mar 18, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-24549 HIGH
Apache Tomcat <11.0.0-M16, <10.1.18, <9.0.85, <=8.5.98 - DoS
Mar 13, 2024
CVSS 7.5
EPSS 0.65
CVE-2024-23672 MEDIUM
Apache Tomcat 8.5.0-8.5.98, 9.0.0-M1-9.0.85, 10.1.0-M1-10.1.18, 11.0.0-M1-M16 DoS via WebSocket Cleanup
Mar 13, 2024
CVSS 6.3
EPSS 0.01
CVE-2024-2400 HIGH
Google Chrome <122.0.6261.128 - Use After Free
Mar 13, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-28757 HIGH
libexpat < 2.6.2 - XML Entity Expansion via External Parser
Mar 10, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-28184 HIGH
WeasyPrint <61.2 - File/URL Injection
Mar 09, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-28180 MEDIUM
jose <4.0.1-<3.0.3-<2.6.3 - Memory Corruption
Mar 09, 2024
CVSS 4.3
EPSS 0.05
CVE-2024-28176 MEDIUM
jose < 2.0.7 and 3.0.0-4.15.4 - Uncontrolled Resource Consumption in JWE Decryption
Mar 09, 2024
CVSS 4.9
EPSS 0.01
CVE-2024-23284 MEDIUM
Safari < 17.4 - Content Security Policy Bypass via Malicious Web Content
Mar 08, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-23280 MEDIUM
Safari < 17.4 - User Fingerprinting via Malicious Webpage
Mar 08, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-23263 MEDIUM
Safari < 17.4 - Content Security Policy Bypass via Malicious Web Content
Mar 08, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-23254 MEDIUM
Safari < 17.4 - Cross-Origin Audio Data Exfiltration
Mar 08, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-2044 CRITICAL
pgAdmin4 < 8.4 - Unauthenticated Path Traversal and Remote Code Execution via Session Deserialization
Mar 07, 2024
CVSS 9.9
EPSS 0.83
CVE-2024-1931 HIGH
Unbound 1.18.0-1.19.1 - Denial of Service via EDE Record Trimming Infinite Loop
Mar 07, 2024
CVSS 7.5
EPSS 0.07
CVE-2024-2176 HIGH
Google Chrome <122.0.6261.111 - Use After Free
Mar 06, 2024
CVSS 8.8
EPSS 0.01
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV