Vulnerabilities > Redhat > Enterprise Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-05 | CVE-2021-20254 | Out-of-bounds Read vulnerability in multiple products A flaw was found in samba. | 6.8 |
| 2021-04-19 | CVE-2021-20208 | Improper Privilege Management vulnerability in multiple products A flaw was found in cifs-utils in versions before 6.13. | 6.1 |
| 2021-04-19 | CVE-2021-3505 | Insufficient Entropy vulnerability in multiple products A flaw was found in libtpms in versions before 0.8.0. | 5.5 |
| 2021-04-08 | CVE-2021-3482 | Out-of-bounds Write vulnerability in multiple products A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. | 6.5 |
| 2021-04-08 | CVE-2021-3448 | A flaw was found in dnsmasq in versions before 2.85. | 4.0 |
| 2021-04-01 | CVE-2021-20291 | Improper Locking vulnerability in multiple products A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. | 6.5 |
| 2021-03-26 | CVE-2021-20197 | Link Following vulnerability in multiple products There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. | 6.3 |
| 2021-03-26 | CVE-2020-35518 | Information Exposure Through Discrepancy vulnerability in Redhat 389 Directory Server When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. | 5.0 |
| 2021-03-26 | CVE-2020-35508 | Improper Initialization vulnerability in multiple products A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. | 4.5 |
| 2021-03-25 | CVE-2021-3446 | Use of Insufficiently Random Values vulnerability in multiple products A flaw was found in libtpms in versions before 0.8.2. | 5.5 |