Vulnerabilities > Redhat > Enterprise Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-09 | CVE-2021-20245 | A flaw was found in ImageMagick in coders/webp.c. | 5.5 |
| 2021-03-09 | CVE-2021-20244 | A flaw was found in ImageMagick in MagickCore/visual-effects.c. | 5.5 |
| 2021-03-04 | CVE-2021-3404 | Out-of-bounds Write vulnerability in multiple products In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file. | 6.8 |
| 2021-03-04 | CVE-2021-3403 | Double Free vulnerability in multiple products In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file. | 6.8 |
| 2021-03-04 | CVE-2020-25639 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. | 4.4 |
| 2021-03-03 | CVE-2021-20225 | Out-of-bounds Write vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. | 6.7 |
| 2021-03-03 | CVE-2020-27749 | Stack-based Buffer Overflow vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. | 6.7 |
| 2021-02-23 | CVE-2021-20229 | Incorrect Authorization vulnerability in multiple products A flaw was found in PostgreSQL in versions before 13.2. | 4.0 |
| 2021-02-11 | CVE-2021-20188 | Incorrect Authorization vulnerability in multiple products A flaw was found in podman before 1.7.0. | 6.9 |
| 2021-01-26 | CVE-2020-35513 | Privilege Dropping / Lowering Errors vulnerability in multiple products A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. | 4.9 |