fedoraproject

5,420 tracked vulnerabilities.

CVE-2024-2174 HIGH
Google Chrome <122.0.6261.111 - Heap Corruption
Mar 06, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-2173 HIGH
Google Chrome <122.0.6261.111 - Memory Corruption
Mar 06, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-25111 HIGH
Squid 3.5.27-6.7 - Denial of Service via HTTP Chunked Decoder Uncontrolled Recursion
Mar 06, 2024
CVSS 8.6
EPSS 0.03
CVE-2024-28084 HIGH
Intel IWD < 2.15 - Denial of Service via Service Information Parsing Failure
Mar 03, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-24246 MEDIUM
qpdf 11.9.0 - Heap-based Buffer Overflow via std::__shared_count()
Feb 29, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-22871 HIGH
Clojure 1.2.0-1.11.2 - Denial of Service via clojure.core$partial$fn__5920
Feb 29, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-25713 HIGH
yyjson <= 0.8.0 - Remote Code Execution via Double Free in Pool Allocator
Feb 29, 2024
CVSS 8.6
EPSS 0.06
CVE-2024-1939 HIGH
Google Chrome <122.0.6261.94 - Heap Corruption
Feb 29, 2024
CVSS 8.8
EPSS 0.46
CVE-2024-1938 HIGH
Google Chrome <122.0.6261.94 - Remote Code Execution
Feb 29, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-27285 MEDIUM
yard < 0.9.36 - Cross-Site Scripting in frames.erb Template
Feb 28, 2024
CVSS 5.4
EPSS 0.03
CVE-2024-27507 HIGH
libLAS 1.8.1 - Use-After-Free in ts2las.cpp
Feb 27, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-25711 HIGH
diffoscope < 256 - Directory Traversal via GPG Embedded Filename
Feb 27, 2024
CVSS 7.5
EPSS 0.05
CVE-2024-25082 MEDIUM
FontForge <20230101 - Command Injection
Feb 26, 2024
CVSS 6.5
EPSS 0.02
CVE-2024-25081 MEDIUM
FontForge <20230101 - Command Injection
Feb 26, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-24568 MEDIUM
Suricata 7.0.0-7.0.2 - Improper Access Control via HTTP2 Header Inspection Bypass
Feb 26, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-23839 HIGH
Suricata 7.0.0-7.0.2 - Use-After-Free via HTTP Header Keyword
Feb 26, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-23837 HIGH
libhtp < 0.5.46 - Denial of Service via HTTP Header Processing
Feb 26, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-23836 HIGH
Suricata < 6.0.16 and 7.0.3 - Denial of Service via Resource Exhaustion
Feb 26, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-23835 HIGH
Suricata 7.0.0-7.0.2 - Denial of Service via PostgreSQL Parser Memory Exhaustion
Feb 26, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-1622 HIGH
Routinator < 0.13.2 - Denial of Service via RTR Connection Reset
Feb 26, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-21501 MEDIUM
sanitize-html < 2.12.1 - Information Exposure via Style Attribute
Feb 24, 2024
CVSS 5.3
EPSS 0.02
CVE-2024-27319 MEDIUM
ONNX < 1.16.0 - Out-of-bounds Read via ONNX_ASSERT Function
Feb 23, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-27318 HIGH
ONNX < 1.16.0 - Path Traversal via External Data Field
Feb 23, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-25629 MEDIUM
c-ares < 1.27.0 - Out-of-bounds Read in ares__read_line()
Feb 23, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-24479 HIGH
Wireshark < 4.2.0 - Denial of Service via wsutil/to_str.c Fractional Part Formatting
Feb 21, 2024
CVSS 7.5
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV