Vulnerabilities > Redhat > Enterprise Linux FOR IBM Z Systems > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2021-3733 Resource Exhaustion vulnerability in multiple products
There's a flaw in urllib's AbstractBasicAuthHandler class.
network
low complexity
python redhat fedoraproject netapp CWE-400
6.5
2022-03-03 CVE-2021-3602 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
An information disclosure flaw was found in Buildah, when building containers using chroot isolation.
local
low complexity
buildah-project redhat CWE-212
5.5
2022-03-02 CVE-2021-3677 A flaw was found in postgresql.
network
low complexity
postgresql redhat fedoraproject
6.5
2022-02-18 CVE-2016-2124 Improper Authentication vulnerability in multiple products
A flaw was found in the way samba implemented SMB1 authentication.
network
high complexity
samba debian fedoraproject redhat canonical CWE-287
5.9
2022-02-18 CVE-2021-3930 Off-by-one Error vulnerability in multiple products
An off-by-one error was found in the SCSI device emulation in QEMU.
local
low complexity
qemu redhat debian CWE-193
6.5
2021-11-23 CVE-2021-3672 Cross-site Scripting vulnerability in multiple products
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking.
5.6
2021-05-27 CVE-2020-14301 An information disclosure vulnerability was found in libvirt in versions before 6.3.0.
network
low complexity
redhat netapp
6.5
2021-01-05 CVE-2020-27842 There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0.
local
low complexity
uclouvain fedoraproject debian redhat oracle
5.5
2019-02-04 CVE-2019-7317 Use After Free vulnerability in multiple products
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
5.3
2018-01-09 CVE-2017-15129 Race Condition vulnerability in multiple products
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11.
local
high complexity
linux fedoraproject canonical redhat CWE-362
4.7