fedoraproject

5,420 tracked vulnerabilities.

CVE-2021-2479 MEDIUM
MySQL Server <= 8.0.26 - Authenticated Denial of Service in DML Component
Oct 20, 2021
CVSS 4.9
EPSS 0.01
CVE-2021-2478 MEDIUM
MySQL < 8.0.26 - Authenticated Denial of Service in Server: DML
Oct 20, 2021
CVSS 4.9
EPSS 0.00
CVE-2021-42739 MEDIUM
Linux kernel < 5.14.13 - Out-of-bounds Write in Firewire Subsystem
Oct 20, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-3746 MEDIUM
libtpms <0.8.5-0.7.9-0.6.6 - Memory Corruption
Oct 19, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-30846 HIGH
Safari < 15.0 - Remote Code Execution via Malicious Web Content
Oct 19, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-3872 HIGH
vim < 8.2.3487 - Heap-based Buffer Overflow
Oct 19, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-41991 HIGH
strongSwan 4.2.10-5.9.3 - Remote Integer Overflow in Certificate Cache
Oct 18, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-41990 HIGH
strongSwan < 5.9.4 - Integer Overflow via RSASSA-PSS Certificate Signature
Oct 18, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-41611 HIGH
Squid 5.0.6-5.1.x - Improper Certificate Validation
Oct 18, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-38562 HIGH
Best Practical Request Tracker 4.2.0-4.2.16, 4.4.0-4.4.4, 5.0.0-5.0.1 - Information Disclosure via Timing Attack
Oct 18, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-38297 CRITICAL
Go <1.16.9, <1.17.2 - Buffer Overflow
Oct 18, 2021
CVSS 9.8
EPSS 0.11
CVE-2021-28021 HIGH
stb 2.26 - Out-of-bounds Write in stbi__extend_receive
Oct 15, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-3875 MEDIUM
vim < 8.2.3489 - Heap-based Buffer Overflow
Oct 15, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-41800 MEDIUM
MediaWiki < 1.36.2 - Denial of Service via Special:Contributions PoolCounter Mishandling
Oct 11, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-41799 HIGH
MediaWiki < 1.36.2 - Denial of Service via ApiQueryBacklinks
Oct 11, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-41798 MEDIUM
MediaWiki < 1.36.2 - Cross-Site Scripting via Month-Related Messages on Special:Search
Oct 11, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-37976 MEDIUM KEV
Google Chrome < 94.0.4606.71 - Unauthenticated Sensitive Information Exposure via Crafted HTML Page
Oct 08, 2021
CVSS 6.5
EPSS 0.16
CVE-2021-37975 HIGH KEV
Google Chrome < 94.0.4606.71 - Use-After-Free in V8 via Crafted HTML Page
Oct 08, 2021
CVSS 8.8
EPSS 0.63
CVE-2021-37974 HIGH
Google Chrome < 94.0.4606.71 - Use-After-Free in Safebrowsing
Oct 08, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-37973 CRITICAL KEV
Google Chrome < 94.0.4606.61 - Use-After-Free in Portals
Oct 08, 2021
CVSS 9.6
EPSS 0.15
CVE-2021-37972 HIGH
Google Chrome < 94.0.4606.54 - Out-of-bounds Read in libjpeg-turbo via Crafted HTML Page
Oct 08, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-37971 MEDIUM
Google Chrome < 94.0.4606.54 - Security UI Spoofing via Omnibox Manipulation
Oct 08, 2021
CVSS 4.3
EPSS 0.00
CVE-2021-37970 HIGH
Google Chrome < 94.0.4606.54 - Use-After-Free in File System API
Oct 08, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-37969 HIGH
Google Chrome < 94.0.4606.54 - Local Privilege Escalation via Crafted File
Oct 08, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-37968 MEDIUM
Google Chrome < 94.0.4606.54 - Cross-Origin Data Leak via Background Fetch API
Oct 08, 2021
CVSS 4.3
EPSS 0.01
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV