fedoraproject

5,420 tracked vulnerabilities.

CVE-2021-36979 MEDIUM
Unicorn Engine 1.0.2 - Out-of-bounds Write in tb_flush_armeb
Jul 20, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-36976 MEDIUM
libarchive 3.4.1-3.5.1 - Use-After-Free in copy_string
Jul 20, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-32760 MEDIUM
containerd <1.4.8-1.5.4 - Privilege Escalation
Jul 19, 2021
CVSS 5.0
EPSS 0.00
CVE-2021-32749 MEDIUM
fail2ban <0.9.7, 0.10.0-0.10.6, 0.11.0-0.11.2 - RCE
Jul 16, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-34558 MEDIUM
GO < 1.15.14 - Improper Certificate Validation
Jul 15, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-36740 MEDIUM
Varnish-cache Varnish Cache < 6.0.8 - HTTP Request Smuggling
Jul 14, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-24119 MEDIUM
Mbed TLS < 2.26.0 - Side-Channel Information Disclosure via Base64 PEM Decoding
Jul 14, 2021
CVSS 4.9
EPSS 0.01
CVE-2021-34552 CRITICAL
Pillow < 8.3.0 and PIL < 1.1.7 - Buffer Overflow in Convert.c
Jul 13, 2021
CVSS 9.8
EPSS 0.00
CVE-2021-32705 MEDIUM
Nextcloud Server <19.0.13, 20.011, 21.0.3 - Info Disclosure
Jul 12, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-32703 MEDIUM
Nextcloud Server <19.0.13, 20.011, 21.0.3 - Info Disclosure
Jul 12, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-32688 HIGH
Nextcloud Server <19.0.13, <20.0.11, <21.0.3 - Privilege Escalation
Jul 12, 2021
CVSS 8.8
EPSS 0.03
CVE-2021-32680 LOW
Nextcloud Server <19.0.13, 20.0.11, 21.0.3 - Info Disclosure
Jul 12, 2021
CVSS 3.3
EPSS 0.00
CVE-2021-36377 HIGH
Fossil <2.14.2, <2.15.2 - Info Disclosure
Jul 12, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-32679 LOW
Nextcloud Server <19.0.13, 20.0.11, 21.0.3 - Info Disclosure
Jul 12, 2021
CVSS 3.5
EPSS 0.01
CVE-2021-32678 LOW
Nextcloud Server <19.0.13, 20.0.11, 21.0.3 - Info Disclosure
Jul 12, 2021
CVSS 3.7
EPSS 0.00
CVE-2021-3612 HIGH
Linux Kernel < 5.9.0 - Out-of-Bounds Write via JSIOCSBTNMAP ioctl
Jul 09, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-3571 HIGH
linuxptp <3.1.1, <2.0.1 - Info Disclosure
Jul 09, 2021
CVSS 7.1
EPSS 0.01
CVE-2021-3570 HIGH
linuxptp < 1.5.1 - Remote Code Execution via PTP Message Forwarding
Jul 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21779 HIGH
WebKitGTK 2.30.4 - Use-After-Free in GraphicsContext
Jul 08, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21775 HIGH
WebKitGTK 2.30.4 - Use-After-Free in ImageLoader Event Processing
Jul 07, 2021
CVSS 8.0
EPSS 0.01
CVE-2021-32740 HIGH
Addressable 2.3.0-2.7.0 - Denial of Service via URI Template Matching
Jul 06, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-30557 HIGH
Google Chrome <91.0.4472.114 - Use After Free
Jul 02, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-30556 HIGH
Google Chrome <91.0.4472.114 - Use After Free
Jul 02, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-30554 HIGH KEV
Google Chrome <91.0.4472.114 - Use After Free
Jul 02, 2021
CVSS 8.8
EPSS 0.03
CVE-2021-35197 HIGH
MediaWiki < 1.31.15, 1.32.x-1.35.x < 1.35.3, 1.36.x < 1.36.1 - Incorrect Authorization via Purge API
Jul 02, 2021
CVSS 7.5
EPSS 0.01
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV