Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-16	CVE-2021-3551	Cleartext Storage of Sensitive Information vulnerability in multiple products A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. local dogtagpki fedoraproject oracle redhat CWE-312	4.4
2021-11-23	CVE-2021-3672	Cross-site Scripting vulnerability in multiple products A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. network high complexity c-ares-project fedoraproject redhat siemens nodejs pgbouncer CWE-79	5.6
2021-05-27	CVE-2020-14301	Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An information disclosure vulnerability was found in libvirt in versions before 6.3.0. network low complexity redhat netapp CWE-212	4.0
2020-10-07	CVE-2020-14355	Classic Buffer Overflow vulnerability in multiple products Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. network low complexity spice-project redhat canonical debian opensuse CWE-120	6.6
2020-07-31	CVE-2020-14311	Heap-based Buffer Overflow vulnerability in multiple products There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. local low complexity gnu redhat opensuse canonical CWE-122	6.0
2020-07-31	CVE-2020-14310	Integer Overflow or Wraparound vulnerability in multiple products There is an issue on grub2 before version 2.06 at function read_section_as_string(). local low complexity gnu redhat opensuse canonical CWE-190	6.0
2020-01-17	CVE-2019-19339	Unspecified vulnerability in Redhat Enterprise Linux and Enterprise Linux EUS It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. local low complexity redhat	4.9
2020-01-15	CVE-2020-2659	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). network oracle debian canonical netapp opensuse redhat	4.3
2020-01-15	CVE-2020-2654	Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). network oracle redhat debian canonical netapp mcafee opensuse	4.3
2020-01-15	CVE-2020-2601	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). network oracle debian canonical opensuse netapp redhat	4.3