fedoraproject

Top products

The 15 most recently published vulnerabilities affecting fedoraproject.

• CVE-2026-35094Libinput: libinput: information disclosure via dangling pointer in lua plugin handling3.3Apr 1, 2026
• CVE-2026-35093Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins8.8Apr 1, 2026
• CVE-2023-4134Kernel: cyttsp4_core: use-after-free in cyttsp4_watchdog_work()5.5Nov 14, 2024
• CVE-2024-3056Podman: kernel: containers in shared ipc namespace are vulnerable to denial of service attack7.7Aug 2, 2024
• CVE-2024-6293Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)8.8Jun 24, 2024
• CVE-2024-6292Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)8.8Jun 24, 2024
• CVE-2024-6291Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)8.8Jun 24, 2024
• CVE-2024-6290Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)8.8Jun 24, 2024
• CVE-2024-38277moodle: QR login key and auto-login key for the Moodle mobile app should be generated as separate keys5.4Jun 18, 2024
• CVE-2024-38276moodle: CSRF risks due to misuse of confirm_sesskey8.8Jun 18, 2024
• CVE-2024-38274moodle: stored XSS via calendar's event title when deleting the event6.1Jun 18, 2024
• CVE-2024-38273moodle: BigBlueButton web service leaks meeting joining information to users who should not have access5.4Jun 18, 2024
• CVE-2024-5847Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)8.8Jun 11, 2024
• CVE-2024-5846Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)8.8Jun 11, 2024
• CVE-2024-5845Use after free in Audio in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)8.8Jun 11, 2024