Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how fedora compares to other vendors in security performance

View Risk Score →

Dark Reading'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros

Exploited
First published (updated )
News
Dark Reading

oss-secSystemd vsock sshd

First published (updated )
https://seclists.org/oss-sec/2025/q4/344

Questionable CVE's ported against dnsmasq

First published (updated )
https://seclists.org/oss-sec/2025/q4/121

Fedora shim-x64The Fedora Secure Boot CA certificate shipped with shim-x64 in Fedora 38 was expired which could lea…

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-2388707

Fedora shim-x64Shim: expired secure boot certificate

Risk 24
Severity
4.1
First published (updated )
CVE-2023-5342
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Local information disclosuin apport and systemd-codump

First published (updated )
https://seclists.org/oss-sec/2025/q2/183

Fedora Linux KernelThe Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has t…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2345615

Fedora RepositoryFedora Repository fedoraIntCallUser default credentials

Risk 33
Severity
8.7
EPSS
0.04%
First published (updated )
CVE-2025-23012

Fedora RepositoryFedora Repository archive extraction path traversal

Risk 56
Severity
8.8
EPSS
0.04%
First published (updated )
CVE-2025-23011

Fedora KojiCurrently, the fields in the query string are not sanitized for special characters in Fedora Koji

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-2316047
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

feedback quested garding depcation of TLS 1.0/1.1

First published (updated )
https://seclists.org/oss-sec/2024/q3/153

linux-distros application for CentOS Project's Hyperscale SIG

First published (updated )
https://seclists.org/oss-sec/2024/q3/106

linux-distros application for CentOS Project's Hyperscale SIG

First published (updated )
https://seclists.org/oss-sec/2024/q3/104

The RegisterWhat can be done to protect open source devs from next xz backdoor drama?

First published (updated )
News
The Register

CVE-2024-1048: grub2-set-bootflag may be abused to fill up /boot, bypass RLIMIT_NPROC

First published (updated )
https://seclists.org/oss-sec/2024/q1/112
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

BleepingComputerCISA orders federal agencies to patch Looney Tunables Linux bug

Zeroday
First published (updated )
News
BleepingComputer

CVE-2023-4911: Local Privilege Escalation in the glibc's ld.so

First published (updated )
https://seclists.org/oss-sec/2023/q4/42

Fedoraproject FedoraBottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file.

Risk 68
Severity
7.8
First published (updated )
CVE-2023-22970

Fedoraproject FedoraInsufficient randomness in generation of DNS query IDs in c-ares

Risk 40
Severity
6.5
First published (updated )
CVE-2023-31147

ubuntu/c-aresBuffer Underwrite in ares_inet_net_pton()

Risk 61
Severity
6.4
First published (updated )
CVE-2023-31130
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Fedoraproject FedoraAutoTools does not set CARES_RANDOM_FILE during cross compilation

Risk 40
Severity
6.5
First published (updated )
CVE-2023-31124

pip/requestsUnintended leak of Proxy-Authorization header in requests

Risk 38
Severity
6.1
First published (updated )
CVE-2023-32681

ubuntu/avahiA vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus…

Risk 37
Severity
6.2
First published (updated )
CVE-2023-1981

Red Hat dnsmasqdnsmasq, as shipped with Fedora and Red Hat Enterprise Linux, has a default configuration that makes…

Risk 18
Severity
4
First published (updated )
REDHAT-BUG-1851342

Fedora gdNull Pointer Dereference

Risk 5
Severity
1
First published (updated )
REDHAT-BUG-1600727
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Fedora pure-ftpdWhen rebasing pure-ftpd in Fedora 26, 27 and Rawhide, a packaging error occurred due to which the or…

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-1493114

KDE ArtsRace Condition

Risk 18
Severity
4
First published (updated )
REDHAT-BUG-1280543

Fedora AtomicIt was reported that Fedora Atomic updates are trivially vulnerable to a MITM attack. Upstream fix:…

Risk 32
Severity
7
First published (updated )
REDHAT-BUG-1231800

Fedora Pacemaker Configuration SystemThe pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the HTTPOnly flag in a Set-Cookie …

Risk 22
Severity
4.3
First published (updated )
CVE-2015-3983

redhat Enterprise Linux High AvailabilityThe pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an htt…

Risk 47
Severity
6.8
First published (updated )
CVE-2015-1848
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203