fedora Cyber Security Vulnerability Stats and Metrics

Default Credential Vulnerability in Fedora Repository by LYRASIS

CVE-2025-23012

Fedora RepositoryFedora Repository8.7HIGH

Path Traversal in Fedora Repository 3.8.1 Affects File Security

CVE-2025-23011

Fedora RepositoryFedora Repository8.7HIGH

Arbitrary Configuration Parameter Injection Vulnerability in dnf5 D-Bus Daemon

CVE-2024-2746

FedoraDnf5daemon-server8.8HIGH

Local Root Exploit via Configuration Dictionary

CVE-2024-1929

FedoraDnf5daemon-server7.5HIGH

No Limit on Number of Open Sessions Leads to Memory Exhaustion and Impacts Availability

CVE-2024-1930

FedoraDnf5daemon-server6.5MEDIUM

Stack Overflow Bug in ofono's Decode_Deliver_Report Function Could Lead to SMS Attacks

CVE-2023-4235

FedoraOfono

Stack Overflow Bug in ofono Affects SMS Decoding

CVE-2023-4234

FedoraOfono8.1HIGH

Stack Overflow Bug in ofono Affects SMS Decoding

CVE-2023-4233

FedoraOfono

Stack Overflow Bug in ofono Leads to SMS Decoding Vulnerability

CVE-2023-4232

FedoraOfono

Stack Overflow Bug in ofono's Decode_Deliver Function Could Lead to SMS Attacks

CVE-2023-2794

FedoraOfono8.1HIGH

Vulnerability in OSH Service Allows for Token Disclosure and Arbitrary Command Execution

CVE-2024-2243

FedoraCsmock7.6HIGH

Unrestricted Comment Access on Dashboard

CVE-2024-25983

FedoraMoodle5.3MEDIUM

Forum Export Flaw Allows Unauthorized Access to Non-Editing Teachers

CVE-2024-25981

FedoraMoodle5.3MEDIUM

Incorrect Group Restrictions in H5P Attempts Report

CVE-2024-25980

FedoraMoodle5.3MEDIUM

Msa-24-0002: forum search accepted random parameters in its url

CVE-2024-25979

FedoraMoodle5.3MEDIUM

Msa-24-0001: denial of service risk in file picker unzip functionality

CVE-2024-25978

FedoraMoodle7.5HIGH

Timing Variant of Bleichenbacher Attack Affects Cryptlib Cryptographic Library

CVE-2024-0202

Fedoracryptlib5.9MEDIUM

Untrusted Search Path Vulnerability in Yarn

CVE-2021-4435

FedoraYarn7.7HIGH

Pkcs11-provider: side-channel proofing pkcs#1 1.5 paths

CVE-2023-6258

Fedorapkcs11-provider8.1HIGH

W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)

CVE-2023-4255

FedoraW3m5.5MEDIUM

Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c

CVE-2023-4256

FedoraTcpreplay5.5MEDIUM

Openimageio: heap-buffer-overflow in file src/gif.imageio/gifinput.cpp

CVE-2023-3430

FedoraOpenImageIO7.5HIGH

Moodle: duplicating a bigbluebutton activity assigns the same meeting id

CVE-2023-5543

Fedoramoodle3.3LOW

Authenticated remote code execution risk in lesson

CVE-2023-5539

Fedoramoodle👾🟡8.8HIGH

Authenticated remote code execution risk in imscp

CVE-2023-5540

Fedoramoodle👾🟡8.8HIGH

fedora Summary

Vulnerability Published:

Sort By:

23 January 2025

Default Credential Vulnerability in Fedora Repository by LYRASIS

Path Traversal in Fedora Repository 3.8.1 Affects File Security

8 May 2024

Arbitrary Configuration Parameter Injection Vulnerability in dnf5 D-Bus Daemon

Local Root Exploit via Configuration Dictionary

No Limit on Number of Open Sessions Leads to Memory Exhaustion and Impacts Availability

17 April 2024

Stack Overflow Bug in ofono's Decode_Deliver_Report Function Could Lead to SMS Attacks

Stack Overflow Bug in ofono Affects SMS Decoding

Stack Overflow Bug in ofono Affects SMS Decoding

Stack Overflow Bug in ofono Leads to SMS Decoding Vulnerability

10 April 2024

Stack Overflow Bug in ofono's Decode_Deliver Function Could Lead to SMS Attacks

Vulnerability in OSH Service Allows for Token Disclosure and Arbitrary Command Execution

19 February 2024

Unrestricted Comment Access on Dashboard

Forum Export Flaw Allows Unauthorized Access to Non-Editing Teachers

Incorrect Group Restrictions in H5P Attempts Report

Msa-24-0002: forum search accepted random parameters in its url

Msa-24-0001: denial of service risk in file picker unzip functionality

5 February 2024

Timing Variant of Bleichenbacher Attack Affects Cryptlib Cryptographic Library

4 February 2024

Untrusted Search Path Vulnerability in Yarn

30 January 2024

Pkcs11-provider: side-channel proofing pkcs#1 1.5 paths

21 December 2023

W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)

Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c

18 December 2023

Openimageio: heap-buffer-overflow in file src/gif.imageio/gifinput.cpp

9 November 2023

Moodle: duplicating a bigbluebutton activity assigns the same meeting id

Authenticated remote code execution risk in lesson

Authenticated remote code execution risk in imscp