fedoraproject

5,420 tracked vulnerabilities.

CVE-2021-35042 CRITICAL NUCLEI
Django <3.1.13, <3.2.5 - SQL Injection
Jul 02, 2021
CVSS 9.8
EPSS 0.91
CVE-2021-36087 LOW
SELinux 3.2 - Heap-Based Buffer Over-Read in CIL Compiler
Jul 01, 2021
CVSS 3.3
EPSS 0.00
CVE-2021-36086 LOW
SELinux < 3.3 - Use-After-Free in CIL Compiler
Jul 01, 2021
CVSS 3.3
EPSS 0.00
CVE-2021-36085 LOW
SELinux 3.2 - Use-After-Free in CIL Compiler
Jul 01, 2021
CVSS 3.3
EPSS 0.00
CVE-2021-36084 LOW
SELinux 3.2 - Use-After-Free in CIL Compiler Class Permission Verification
Jul 01, 2021
CVSS 3.3
EPSS 0.00
CVE-2021-3630 MEDIUM
DjVuLibre < 3.5.28 - Out-of-bounds Write in DJVU::DjVuTXT::decode()
Jun 30, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-33503 HIGH
urllib3 >=1.25.4 <1.26.5 - Denial of Service via Authority Component Regex Backtracking
Jun 29, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-33515 MEDIUM
Dovecot <2.3.15 - Command Injection
Jun 28, 2021
CVSS 4.8
EPSS 0.06
CVE-2021-29157 HIGH
Dovecot < 2.3.15 - Path Traversal via OAuth2 JWT Validation Key Path
Jun 28, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-32708 CRITICAL
Flysystem 1.0.0-1.1.3 - Remote Code Execution via Unicode Whitespace in File Extension
Jun 24, 2021
CVSS 9.8
EPSS 0.07
CVE-2021-0561 MEDIUM
Android 11 - Out-of-bounds Write in stream_encoder.c
Jun 22, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-29063 HIGH
mpmath 1.0.0-1.2.1 - Regular Expression Denial of Service via mpmathify Function
Jun 21, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-34825 HIGH
Quassel < 0.13.1 - Cleartext Transmission of Sensitive Information via Missing Certificate Check
Jun 17, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-3603 HIGH
PHPMailer < 6.4.1 - Untrusted Code Execution via validateAddress Function
Jun 17, 2021
CVSS 8.1
EPSS 0.01
CVE-2021-34551 HIGH
PHPMailer < 6.5.0 - Remote Code Execution via Untrusted lang_path UNC Pathname
Jun 16, 2021
CVSS 8.1
EPSS 0.02
CVE-2021-33813 HIGH
JDOM < 2.0.6 - XML External Entity Injection via SAXBuilder
Jun 16, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-30553 HIGH
Google Chrome <91.0.4472.101 - Use After Free
Jun 15, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-30552 HIGH
Google Chrome <91.0.4472.101 - Use After Free
Jun 15, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-30551 HIGH KEV
Google Chrome <91.0.4472.101 - Heap Corruption
Jun 15, 2021
CVSS 8.8
EPSS 0.82
CVE-2021-30550 HIGH
Google Chrome <91.0.4472.101 - Use After Free
Jun 15, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-30549 HIGH
Google Chrome <91.0.4472.101 - Use After Free
Jun 15, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-30548 HIGH
Google Chrome <91.0.4472.101 - Use After Free
Jun 15, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-30547 HIGH
Google Chrome <91.0.4472.101 - Memory Corruption
Jun 15, 2021
CVSS 8.8
EPSS 0.03
CVE-2021-30546 HIGH
Google Chrome <91.0.4472.101 - Use After Free
Jun 15, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-30545 HIGH
Google Chrome <91.0.4472.101 - Use After Free
Jun 15, 2021
CVSS 8.8
EPSS 0.01
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV