Vulnerabilities > Redhat > Enterprise Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-11 | CVE-2020-27786 | A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. | 7.8 |
| 2020-12-08 | CVE-2020-25692 | A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. | 7.5 |
| 2020-12-06 | CVE-2020-29573 | Out-of-bounds Write vulnerability in multiple products sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. | 7.5 |
| 2020-12-03 | CVE-2020-27778 | Access of Uninitialized Pointer vulnerability in multiple products A flaw was found in Poppler in the way certain PDF files were converted into HTML. | 7.5 |
| 2020-12-03 | CVE-2020-14351 | A flaw was found in the Linux kernel. | 7.8 |
| 2020-12-03 | CVE-2020-14339 | Unspecified vulnerability in Redhat Enterprise Linux and Libvirt A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. | 8.8 |
| 2020-11-27 | CVE-2020-25708 | Divide By Zero vulnerability in multiple products A divide by zero issue was found to occur in libvncserver-0.9.12. | 7.5 |
| 2020-11-17 | CVE-2020-25705 | A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. | 7.4 |
| 2020-11-05 | CVE-2020-25661 | Unspecified vulnerability in Redhat Enterprise Linux 8.3 A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. low complexity redhat | 8.8 |
| 2020-10-20 | CVE-2020-25648 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. | 7.5 |