Vulnerabilities > Redhat > Enterprise Linux FOR Power Little Endian EUS > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-08-26 CVE-2021-3669 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux ibm debian fedoraproject redhat CWE-770
5.5
2022-08-23 CVE-2021-3975 Use After Free vulnerability in multiple products
A use-after-free flaw was found in libvirt.
6.5
2022-08-22 CVE-2021-3659 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection.
local
low complexity
linux fedoraproject redhat CWE-476
5.5
2022-07-06 CVE-2021-3695 Out-of-bounds Write vulnerability in multiple products
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area.
local
high complexity
gnu fedoraproject redhat netapp CWE-787
4.5
2022-07-06 CVE-2021-3696 Out-of-bounds Write vulnerability in multiple products
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader.
local
high complexity
gnu redhat netapp CWE-787
4.5
2022-03-10 CVE-2021-3733 Resource Exhaustion vulnerability in multiple products
There's a flaw in urllib's AbstractBasicAuthHandler class.
network
low complexity
python redhat fedoraproject netapp CWE-400
6.5
2022-03-04 CVE-2021-3744 Memory Leak vulnerability in multiple products
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).
5.5
2022-02-18 CVE-2016-2124 Improper Authentication vulnerability in multiple products
A flaw was found in the way samba implemented SMB1 authentication.
network
high complexity
samba debian fedoraproject redhat canonical CWE-287
5.9
2022-02-16 CVE-2021-3551 Cleartext Storage of Sensitive Information vulnerability in multiple products
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file.
4.4
2021-11-23 CVE-2021-3672 Cross-site Scripting vulnerability in multiple products
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking.
5.6