Vulnerabilities > Redhat > Enterprise Linux EUS
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-23 | CVE-2021-3621 | OS Command Injection vulnerability in multiple products A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. | 8.8 |
2021-11-23 | CVE-2021-3672 | Cross-site Scripting vulnerability in multiple products A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. | 5.6 |
2021-07-09 | CVE-2021-3570 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the ptp4l program of the linuxptp package. | 8.8 |
2021-05-27 | CVE-2020-14301 | An information disclosure vulnerability was found in libvirt in versions before 6.3.0. | 6.5 |
2020-10-07 | CVE-2020-14355 | Classic Buffer Overflow vulnerability in multiple products Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. | 6.6 |
2020-08-07 | CVE-2020-9490 | HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43. | 7.5 |
2020-07-31 | CVE-2020-14311 | There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. | 6.0 |
2020-07-31 | CVE-2020-14310 | Integer Overflow or Wraparound vulnerability in multiple products There is an issue on grub2 before version 2.06 at function read_section_as_string(). | 6.0 |
2020-02-07 | CVE-2019-15606 | Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons | 9.8 |
2020-02-07 | CVE-2019-15605 | HTTP Request Smuggling vulnerability in multiple products HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed | 9.8 |