Enterprise Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-26	CVE-2021-20197	There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. local high complexity gnu redhat netapp broadcom	6.3
2021-03-26	CVE-2020-35518	Information Exposure Through Discrepancy vulnerability in Redhat 389 Directory Server When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. network low complexity redhat CWE-203	5.3
2021-03-26	CVE-2020-35508	A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. local high complexity linux redhat netapp	4.5
2021-03-25	CVE-2021-3466	A flaw was found in libmicrohttpd. network low complexity gnu redhat fedoraproject critical	9.8
2021-03-25	CVE-2021-3446	Use of Insufficiently Random Values vulnerability in multiple products A flaw was found in libtpms in versions before 0.8.2. local low complexity libtpms-project redhat fedoraproject CWE-330	5.5
2021-03-25	CVE-2021-3443	A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. local low complexity jasper-project redhat fedoraproject	5.5
2021-03-23	CVE-2021-3409	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. local low complexity qemu redhat fedoraproject debian CWE-119	5.7
2021-03-23	CVE-2021-20270	Infinite Loop vulnerability in multiple products An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. network low complexity pygments redhat fedoraproject debian CWE-835	7.5
2021-03-19	CVE-2019-10196	A flaw was found in http-proxy-agent, prior to version 2.1.0. network low complexity http-proxy-agent-project fedoraproject redhat critical	9.8
2021-03-18	CVE-2021-3416	A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. local low complexity qemu fedoraproject redhat debian	6.0