Vulnerabilities > Redhat > Enterprise Linux > High

DATE CVE VULNERABILITY TITLE RISK
2020-12-11 CVE-2020-27786 A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue.
local
low complexity
linux redhat netapp
7.8
2020-12-08 CVE-2020-25692 A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs.
network
low complexity
openldap redhat netapp
7.5
2020-12-06 CVE-2020-29573 Out-of-bounds Write vulnerability in multiple products
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf.
network
low complexity
gnu redhat netapp CWE-787
7.5
2020-12-03 CVE-2020-27778 Access of Uninitialized Pointer vulnerability in multiple products
A flaw was found in Poppler in the way certain PDF files were converted into HTML.
network
low complexity
freedesktop redhat debian CWE-824
7.5
2020-12-03 CVE-2020-14351 A flaw was found in the Linux kernel.
local
low complexity
linux redhat debian
7.8
2020-12-03 CVE-2020-14339 Unspecified vulnerability in Redhat Enterprise Linux and Libvirt
A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process.
local
low complexity
redhat
8.8
2020-11-27 CVE-2020-25708 Divide By Zero vulnerability in multiple products
A divide by zero issue was found to occur in libvncserver-0.9.12.
network
low complexity
libvncserver-project redhat debian CWE-369
7.5
2020-11-17 CVE-2020-25705 A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports.
network
high complexity
linux redhat
7.4
2020-11-05 CVE-2020-25661 Unspecified vulnerability in Redhat Enterprise Linux 8.3
A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID.
low complexity
redhat
8.8
2020-10-20 CVE-2020-25648 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3.
network
low complexity
mozilla redhat fedoraproject oracle CWE-770
7.5