fedoraproject
5,423 tracked vulnerabilities.
CVE-2021-32625
HIGH
Redis 6.0.0-6.0.13 - Remote Code Execution via STRALGO LCS Command Integer Overflow
Jun 02, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-28678
MEDIUM
Pillow < 8.2.0 - Denial of Service via BLP Image Data Handling
Jun 02, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-28677
HIGH
Pillow < 8.2.0 - Denial of Service via EPS Line Ending Parsing
Jun 02, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-28676
HIGH
Pillow < 8.2.0 - Denial of Service via FLI Block Advance Infinite Loop
Jun 02, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-25288
CRITICAL
Pillow < 8.2.0 - Out-of-bounds Read in J2kDecode
Jun 02, 2021
CVSS 9.1
EPSS 0.02
CVE-2021-25287
CRITICAL
Pillow < 8.2.0 - Out-of-bounds Read in J2kDecode
Jun 02, 2021
CVSS 9.1
EPSS 0.03
CVE-2021-28675
MEDIUM
Pillow < 8.2.0 - Denial of Service in PSDImagePlugin
Jun 02, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-3543
MEDIUM
Nitro Enclaves < 5.10.0 - NULL Pointer Dereference via Enclave File Descriptor Closure
Jun 01, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-3516
HIGH
xmllint < 2.9.11 - Use-After-Free
Jun 01, 2021
CVSS 7.8
EPSS 0.02
CVE-2021-23017
HIGH
nginx 0.6.18-1.20.0 - Denial of Service via DNS Resolver Off-by-one Error
Jun 01, 2021
CVSS 7.7
EPSS 0.53
CVE-2021-29505
HIGH
NUCLEI
XStream < 1.4.17 - Remote Code Execution via Untrusted Data Deserialization
May 28, 2021
CVSS 7.5
EPSS 0.78
CVE-2021-32642
HIGH
radsecproxy - Configuration Injection via Crafted RadSec Peer Discovery DNS Records
May 28, 2021
CVSS 7.0
EPSS 0.01
CVE-2021-33620
MEDIUM
Squid < 4.15 and 5.x < 5.0.6 - Denial of Service via HTTP Response Header
May 28, 2021
CVSS 6.5
EPSS 0.80
CVE-2021-20292
MEDIUM
Linux Kernel < 5.9 - Use-After-Free in Nouveau DRM Subsystem
May 28, 2021
CVSS 6.7
EPSS 0.01
CVE-2021-20240
HIGH
gdk-pixbuf < 2.42.0 - Integer Underflow via Crafted GIF Image
May 28, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-20239
LOW
Linux kernel <5.4.92 - Info Disclosure
May 28, 2021
CVSS 3.3
EPSS 0.00
CVE-2021-20236
CRITICAL
ZeroMQ < 4.3.3 - Stack Buffer Overflow via Topic Subscription Requests
May 28, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-31808
MEDIUM
Squid < 4.15 and 5.x < 5.0.6 - Denial of Service via HTTP Range Request
May 27, 2021
CVSS 6.5
EPSS 0.05
CVE-2021-33200
HIGH
Linux kernel <5.12.7 - Privilege Escalation
May 27, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-31806
MEDIUM
Squid < 4.15 and 5.x < 5.0.6 - Denial of Service via HTTP Range Request Processing
May 27, 2021
CVSS 6.5
EPSS 0.96
CVE-2021-31535
CRITICAL
libX11 < 1.7.1 - Remote Code Execution via XLookupColor Request
May 27, 2021
CVSS 9.8
EPSS 0.11
CVE-2021-31525
MEDIUM
GO < 1.15.12 - Denial of Service
May 27, 2021
CVSS 5.9
EPSS 0.04
CVE-2021-30465
HIGH
runc < 1.0.0-rc95 - Container Filesystem Breakout via Directory Traversal Race Condition
May 27, 2021
CVSS 8.5
EPSS 0.07
CVE-2021-28662
MEDIUM
Squid 4.0.1-4.14 and 5.0-5.0.5 - Denial of Service via HTTP Response Header
May 27, 2021
CVSS 6.5
EPSS 0.72
CVE-2021-28652
MEDIUM
Squid < 4.15 and 5.x < 5.0.6 - Authenticated Denial of Service via Cache Manager API Short Query String
May 27, 2021
CVSS 4.9
EPSS 0.04
Products
fedora 5,353
extra_packages_for_enterprise_linux 76
389_directory_server 39
sssd 19
fedora_core 8
389_administration_server 1
anaconda 1
arm_installer 1
commons 1
coolkey 1
crypto-utils 1
fedmsg 1
fedora_linux_kernel 1
python-fedora 1
sectool 1
selinux-policy 1
spin-kickstarts 1
supybot-fedora 1
unbound 1
Quick Filters