Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: fedoraproject Clear
ID Title
CVE-2022-0492 KEV [KEV] Authentication Bypass in Linux c (CVE-2022-0492)
authentication bypass in Linux c (CVE-2022-0492). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2022-39399 Vulnerability in java (CVE-2022-39399)
vulnerability in java (CVE-2022-39399). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.17, 17.0.5, 19.0.1` or later.
CVE-2022-21619 Vulnerability in java (CVE-2022-21619)
vulnerability in java (CVE-2022-21619). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.351, 11.0.17, 17.0.5, 19.0.1` or later.
CVE-2022-21618 Authentication Bypass in java (CVE-2022-21618)
authentication bypass in java (CVE-2022-21618). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.0.5, 19.0.1` or later.
CVE-2022-21549 Unsafe Deserialization in java (CVE-2022-21549)
vulnerability in java (CVE-2022-21549). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.0.4` or later.
CVE-2022-21540 Use-After-Free in java (CVE-2022-21540)
vulnerability in java (CVE-2022-21540). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.351, 8.0.341, 11.0.16, 17.0.4, 18.0.2` or later.
CVE-2022-21293 Vulnerability in java (CVE-2022-21293)
vulnerability in java (CVE-2022-21293). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
CVE-2022-21291 Vulnerability in java (CVE-2022-21291)
vulnerability in java (CVE-2022-21291). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
CVE-2022-21283 Vulnerability in java (CVE-2022-21283)
vulnerability in java (CVE-2022-21283). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.14, 17.0.2` or later.
CVE-2021-35556 Vulnerability in java (CVE-2021-35556)
vulnerability in java (CVE-2021-35556). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.321, 8.0.311, 11.0.13, 17.0.1` or later.
CVE-2024-27004 Vulnerability in linux (CVE-2024-27004)
vulnerability in linux (CVE-2024-27004). Risk of unauthorized operations or information disclosure.
CVE-2024-27013 Vulnerability in linux (CVE-2024-27013)
vulnerability in linux (CVE-2024-27013). Risk of unauthorized operations or information disclosure.
CVE-2024-26988 Out-of-Bounds Write in c (CVE-2024-26988)
out-of-bounds write in c (CVE-2024-26988). Successful exploitation can lead to full system takeover.
CVE-2024-27012 Vulnerability in linux (CVE-2024-27012)
vulnerability in linux (CVE-2024-27012). Risk of unauthorized operations or information disclosure.
CVE-2024-28960 An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
CVE-2023-6246 Vulnerability in privilege-escalation (CVE-2023-6246)
vulnerability in privilege-escalation (CVE-2023-6246). Successful exploitation can lead to full system takeover.
CVE-2023-6779 Vulnerability in gnu (CVE-2023-6779)
vulnerability in gnu (CVE-2023-6779). Risk of unauthorized operations or information disclosure.
CVE-2023-6780 Vulnerability in gnu (CVE-2023-6780)
vulnerability in gnu (CVE-2023-6780). Risk of unauthorized operations or information disclosure.
CVE-2023-51767 Vulnerability in openbsd (CVE-2023-51767)
vulnerability in openbsd (CVE-2023-51767). Successful exploitation can lead to full system takeover.
CVE-2023-48795 Vulnerability in russh (CVE-2023-48795)
vulnerability in russh (CVE-2023-48795). Data can be tampered with by attackers. Mitigation: upgrade to `0.40.2` or later.
CVE-2023-4911 KEV [KEV] Vulnerability in Gnu c (CVE-2023-4911)
vulnerability in Gnu c (CVE-2023-4911). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2023-38545 Out-of-Bounds Write in haxx (CVE-2023-38545)
out-of-bounds write in haxx (CVE-2023-38545). Successful exploitation can lead to full system takeover.
CVE-2023-44487 KEV [KEV] Vulnerability in Ietf golang.org/x/net (CVE-2023-44487)
vulnerability in Ietf golang.org/x/net (CVE-2023-44487). Risk of unauthorized operations or information disclosure. Exploitable via ``Channel``. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `0.17.0` or later.
CVE-2023-43615 Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
CVE-2023-4806 Use-After-Free in gnu (CVE-2023-4806)
vulnerability in gnu (CVE-2023-4806). Risk of unauthorized operations or information disclosure.
CVE-2023-4527 Vulnerability in gnu (CVE-2023-4527)
vulnerability in gnu (CVE-2023-4527). Risk of unauthorized operations or information disclosure.
CVE-2023-4733 Use After Free in GitHub repository vim/vim prior to 9.0.1840.
Use After Free in GitHub repository vim/vim prior to 9.0.1840.
CVE-2023-4750 Use After Free in GitHub repository vim/vim prior to 9.0.1857.
Use After Free in GitHub repository vim/vim prior to 9.0.1857.
CVE-2023-38559 Out-of-Bounds Read in c (CVE-2023-38559)
vulnerability in c (CVE-2023-38559). Risk of unauthorized operations or information disclosure.
CVE-2022-27405 Out-of-Bounds Read in platform/external/freetype (CVE-2022-27405)
vulnerability in platform/external/freetype (CVE-2022-27405). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `13:2023-07-01` or later.
CVE-2023-25136 Vulnerability in openbsd (CVE-2023-25136)
vulnerability in openbsd (CVE-2023-25136). Risk of unauthorized operations or information disclosure.
CVE-2022-46392 Vulnerability in arm (CVE-2022-46392)
vulnerability in arm (CVE-2022-46392). Confidential information can be exposed externally.
CVE-2022-46393 Out-of-Bounds Read in arm (CVE-2022-46393)
vulnerability in arm (CVE-2022-46393). Successful exploitation can lead to full system takeover.
CVE-2022-2601 Vulnerability in gnu (CVE-2022-2601)
vulnerability in gnu (CVE-2022-2601). Successful exploitation can lead to full system takeover.
CVE-2022-21624 Unsafe Deserialization in c (CVE-2022-21624)
vulnerability in c (CVE-2022-21624). Risk of unauthorized operations or information disclosure.
CVE-2022-21626 Vulnerability in c (CVE-2022-21626)
vulnerability in c (CVE-2022-21626). Risk of unauthorized operations or information disclosure.
CVE-2022-38013 Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-38013)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-38013). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.9` or later.
CVE-2022-2160 Vulnerability in google (CVE-2022-2160)
vulnerability in google (CVE-2022-2160). Confidential information can be exposed externally.
CVE-2022-34169 Vulnerability in apache (CVE-2022-34169)
vulnerability in apache (CVE-2022-34169). Data can be tampered with by attackers.
CVE-2020-28941 Vulnerability in c (CVE-2020-28941)
vulnerability in c (CVE-2020-28941). Risk of unauthorized operations or information disclosure.
CVE-2022-29145 Vulnerability in Microsoft.AspNetCore.App.Runtime.win-x64 (CVE-2022-29145)
vulnerability in Microsoft.AspNetCore.App.Runtime.win-x64 (CVE-2022-29145). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.5` or later.
CVE-2022-29117 .NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
CVE-2022-27406 Out-of-Bounds Read in freetype (CVE-2022-27406)
vulnerability in freetype (CVE-2022-27406). Risk of unauthorized operations or information disclosure.
CVE-2022-0778 Vulnerability in dos (CVE-2022-0778)
vulnerability in dos (CVE-2022-0778). Risk of unauthorized operations or information disclosure.
CVE-2022-24512 Code Injection in Microsoft.NETCore.App.Runtime.linux-arm (CVE-2022-24512)
code injection in Microsoft.NETCore.App.Runtime.linux-arm (CVE-2022-24512). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.3` or later.
CVE-2022-24464 Vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-24464)
vulnerability in Microsoft.AspNetCore.App.Runtime.linux-arm (CVE-2022-24464). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.0.3` or later.
CVE-2021-44832 Vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-44832)
vulnerability in org.apache.logging.log4j:log4j-core (CVE-2021-44832). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.17.1` or later.
CVE-2021-4104 Unsafe Deserialization in apache (CVE-2021-4104)
vulnerability in apache (CVE-2021-4104). Successful exploitation can lead to full system takeover.
CVE-2021-41617 Privilege Escalation in privilege-escalation (CVE-2021-41617)
vulnerability in privilege-escalation (CVE-2021-41617). Successful exploitation can lead to full system takeover.
CVE-2020-1971 Vulnerability in dos (CVE-2020-1971)
vulnerability in dos (CVE-2020-1971). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →