Vulnerabilities > Redhat > Enterprise Linux EUS > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2021-3733 Resource Exhaustion vulnerability in multiple products
There's a flaw in urllib's AbstractBasicAuthHandler class.
network
low complexity
python redhat fedoraproject netapp CWE-400
6.5
2022-03-04 CVE-2021-3744 A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).
local
low complexity
linux fedoraproject debian redhat oracle
5.5
2022-02-18 CVE-2016-2124 Improper Authentication vulnerability in multiple products
A flaw was found in the way samba implemented SMB1 authentication.
network
high complexity
samba debian fedoraproject redhat canonical CWE-287
5.9
2021-11-23 CVE-2021-3672 Cross-site Scripting vulnerability in multiple products
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking.
5.6
2021-05-27 CVE-2020-14301 An information disclosure vulnerability was found in libvirt in versions before 6.3.0.
network
low complexity
redhat netapp
6.5
2020-10-07 CVE-2020-14355 Classic Buffer Overflow vulnerability in multiple products
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1.
6.6
2020-07-31 CVE-2020-14311 There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems.
local
low complexity
gnu redhat opensuse canonical
6.0
2020-07-31 CVE-2020-14310 Integer Overflow or Wraparound vulnerability in multiple products
There is an issue on grub2 before version 2.06 at function read_section_as_string().
local
low complexity
gnu redhat opensuse canonical CWE-190
6.0
2020-01-17 CVE-2019-19339 Unspecified vulnerability in Redhat Enterprise Linux and Enterprise Linux EUS
It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207.
local
low complexity
redhat
6.5
2020-01-15 CVE-2020-2601 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security).
network
high complexity
oracle debian canonical opensuse netapp redhat
6.8