fedoraproject
5,423 tracked vulnerabilities.
CVE-2024-2044
CRITICAL
pgAdmin4 < 8.4 - Unauthenticated Path Traversal and Remote Code Execution via Session Deserialization
Mar 07, 2024
CVSS 9.9
EPSS 0.79
CVE-2024-1931
HIGH
Unbound 1.18.0-1.19.1 - Denial of Service via EDE Record Trimming Infinite Loop
Mar 07, 2024
CVSS 7.5
EPSS 0.03
CVE-2024-2176
HIGH
Google Chrome <122.0.6261.111 - Use After Free
Mar 06, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-2174
HIGH
Google Chrome <122.0.6261.111 - Heap Corruption
Mar 06, 2024
CVSS 8.8
EPSS 0.13
CVE-2024-2173
HIGH
Google Chrome <122.0.6261.111 - Memory Corruption
Mar 06, 2024
CVSS 8.8
EPSS 0.14
CVE-2024-25111
HIGH
Squid 3.5.27-6.7 - Denial of Service via HTTP Chunked Decoder Uncontrolled Recursion
Mar 06, 2024
CVSS 8.6
EPSS 0.65
CVE-2024-28084
HIGH
Intel IWD < 2.15 - Denial of Service via Service Information Parsing Failure
Mar 03, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-24246
MEDIUM
qpdf 11.9.0 - Heap-based Buffer Overflow via std::__shared_count()
Feb 29, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-22871
HIGH
Clojure 1.2.0-1.11.2 - Denial of Service via clojure.core$partial$fn__5920
Feb 29, 2024
CVSS 7.5
EPSS 0.02
CVE-2024-25713
HIGH
yyjson <= 0.8.0 - Remote Code Execution via Double Free in Pool Allocator
Feb 29, 2024
CVSS 8.6
EPSS 0.02
CVE-2024-1939
HIGH
Google Chrome <122.0.6261.94 - Heap Corruption
Feb 29, 2024
CVSS 8.8
EPSS 0.03
CVE-2024-1938
HIGH
Google Chrome <122.0.6261.94 - Remote Code Execution
Feb 29, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-27285
MEDIUM
yard < 0.9.36 - Cross-Site Scripting in frames.erb Template
Feb 28, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-27507
HIGH
libLAS 1.8.1 - Use-After-Free in ts2las.cpp
Feb 27, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-25711
HIGH
diffoscope < 256 - Directory Traversal via GPG Embedded Filename
Feb 27, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-25082
MEDIUM
FontForge <20230101 - Command Injection
Feb 26, 2024
CVSS 6.5
EPSS 0.02
CVE-2024-25081
MEDIUM
FontForge <20230101 - Command Injection
Feb 26, 2024
CVSS 4.2
EPSS 0.01
CVE-2024-24568
MEDIUM
Suricata 7.0.0-7.0.2 - Improper Access Control via HTTP2 Header Inspection Bypass
Feb 26, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-23839
HIGH
Suricata 7.0.0-7.0.2 - Use-After-Free via HTTP Header Keyword
Feb 26, 2024
CVSS 7.1
EPSS 0.01
CVE-2024-23837
HIGH
libhtp < 0.5.46 - Denial of Service via HTTP Header Processing
Feb 26, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-23836
HIGH
Suricata < 6.0.16 and 7.0.3 - Denial of Service via Resource Exhaustion
Feb 26, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-23835
HIGH
Suricata 7.0.0-7.0.2 - Denial of Service via PostgreSQL Parser Memory Exhaustion
Feb 26, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-1622
HIGH
Routinator < 0.13.2 - Denial of Service via RTR Connection Reset
Feb 26, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-21501
MEDIUM
sanitize-html < 2.12.1 - Information Exposure via Style Attribute
Feb 24, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-27319
MEDIUM
ONNX < 1.16.0 - Out-of-bounds Read via ONNX_ASSERT Function
Feb 23, 2024
CVSS 4.4
EPSS 0.01
Products
fedora 5,353
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 19
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1
Quick Filters