fedoraproject

5,420 tracked vulnerabilities.

CVE-2021-39360 MEDIUM
libzapojit < 0.0.3 - Improper Certificate Validation in SoupSessionSync
Aug 22, 2021
CVSS 5.9
EPSS 0.01
CVE-2021-39359 MEDIUM
GNOME libgda < 6.0.0 - Improper Certificate Validation in SoupSessionSync
Aug 22, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-39358 MEDIUM
libgfbgraph < 0.2.4 - Improper Certificate Validation in SoupSessionSync
Aug 22, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-25218 HIGH
BIND 9.16.19 9.17.16 and 9.16.19-S1 - Reachable Assertion
Aug 18, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-39242 HIGH
HAProxy 2.2.0-2.2.15, 2.3.0-2.3.12, 2.4.0-2.4.2 - HTTP Host Header Handling Issue
Aug 17, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-39241 MEDIUM
HAProxy 2.0-2.0.23, 2.2-2.2.15, 2.3-2.3.12, 2.4-2.4.2 - HTTP Request Smuggling via Method Name Space Bypass
Aug 17, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-39240 HIGH
HAProxy 2.2-2.2.15, 2.3-2.3.12, 2.4-2.4.2 - HTTP Request Smuggling via URI Scheme and Path Mismatch
Aug 17, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-33193 HIGH
Apache HTTP Server <2.4.49 - SSRF
Aug 16, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-3635 MEDIUM
Linux Kernel < 5.5-rc7 - Denial of Service via Netfilter Netflow Commands
Aug 13, 2021
CVSS 4.4
EPSS 0.00
CVE-2021-3573 MEDIUM
Linux Kernel <5.13 - Use After Free
Aug 13, 2021
CVSS 6.4
EPSS 0.00
CVE-2021-37695 HIGH
CKEditor < 4.16.2 - Stored Cross-Site Scripting via Fake Objects HTML Injection
Aug 13, 2021
CVSS 7.3
EPSS 0.01
CVE-2021-31556 CRITICAL
MediaWiki <1.35.2 - Info Disclosure
Aug 12, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-32809 MEDIUM
CKEditor 4.5.2-4.16.1 - HTML Injection via Malformed Paste Content
Aug 12, 2021
CVSS 4.6
EPSS 0.00
CVE-2021-32808 HIGH
CKEditor 4.13.0-4.16.1 - Stored Cross-Site Scripting via Clipboard Widget Undo Feature
Aug 12, 2021
CVSS 7.6
EPSS 0.01
CVE-2021-38604 HIGH
GNU C Library < 2.34 - Null Pointer Dereference
Aug 12, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-20314 CRITICAL
libspf2 < 1.2.11 - Stack Buffer Overflow via SPF Macro Processing
Aug 12, 2021
CVSS 9.8
EPSS 0.00
CVE-2021-38593 HIGH
Qt <5.15.6, <=6.1.2 - Buffer Overflow
Aug 12, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-36770 HIGH
p5-encode 3.05-3.11 - Uncontrolled Search Path Element via Encode::ConfigLocal Library
Aug 11, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-0004 MEDIUM
Intel Ethernet Controller E810 Firmware < 1.5.3.0 - Denial of Service via Improper Buffer Restrictions
Aug 11, 2021
CVSS 4.4
EPSS 0.00
CVE-2021-0002 HIGH
Intel Ethernet Controller E810 Firmware < 1.4.11 - Authenticated Denial of Service via Local Access
Aug 11, 2021
CVSS 7.1
EPSS 0.00
CVE-2021-38512 HIGH
actix-http <3.0.0-beta.9 - Info Disclosure
Aug 10, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-37615 MEDIUM
Exiv2 < 0.27.4 - Denial of Service via Crafted Image Metadata
Aug 09, 2021
CVSS 4.7
EPSS 0.00
CVE-2021-34335 MEDIUM
exiv2 < 0.27.4 - Denial of Service via Integer Divide by Zero
Aug 09, 2021
CVSS 4.7
EPSS 0.00
CVE-2021-37622 MEDIUM
exiv2 < 0.27.4 - Denial of Service via IPTC Data Deletion
Aug 09, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-37621 MEDIUM
exiv2 < 0.27.4 - Denial of Service via Crafted Image ICC Profile
Aug 09, 2021
CVSS 5.5
EPSS 0.00
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV