Enterprise Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-12	CVE-2020-12826	Integer Overflow or Wraparound vulnerability in multiple products A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. local low complexity linux redhat canonical CWE-190	5.3
2020-05-08	CVE-2020-10690	Use After Free vulnerability in multiple products There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. local high complexity linux redhat debian canonical opensuse netapp CWE-416	6.4
2020-04-29	CVE-2020-12458	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An information-disclosure flaw was found in Grafana through 6.7.3. local low complexity grafana redhat fedoraproject CWE-732	5.5
2020-04-28	CVE-2020-12430	Memory Leak vulnerability in Redhat Enterprise Linux and Libvirt An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. network low complexity redhat CWE-401	6.5
2020-04-27	CVE-2020-1722	A flaw was found in all ipa versions 4.x.x through 4.8.0. network high complexity freeipa redhat	5.3
2020-04-17	CVE-2020-1751	Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. local high complexity gnu redhat canonical CWE-787	7.0
2020-04-17	CVE-2020-11868	Origin Validation Error vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp. network low complexity ntp redhat netapp debian opensuse CWE-346	7.5
2020-04-13	CVE-2020-1730	NULL Pointer Dereference vulnerability in multiple products A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. network low complexity libssh canonical netapp redhat fedoraproject oracle CWE-476	5.3
2020-04-10	CVE-2020-11669	An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. local low complexity linux redhat opensuse	5.5
2020-04-08	CVE-2020-2732	Information Exposure vulnerability in Redhat Enterprise Linux 7.0/8.0 A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. low complexity redhat CWE-200	6.8