Vulnerabilities > Redhat > Enterprise Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-12 | CVE-2020-25657 | Covert Timing Channel vulnerability in multiple products A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. | 5.9 |
| 2021-01-05 | CVE-2020-27842 | Out-of-bounds Read vulnerability in multiple products There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. | 5.5 |
| 2021-01-04 | CVE-2020-35507 | NULL Pointer Dereference vulnerability in multiple products There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. | 5.5 |
| 2020-12-15 | CVE-2020-27777 | Missing Authorization vulnerability in multiple products A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. | 6.7 |
| 2020-12-15 | CVE-2020-25712 | Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in xorg-x11-server before 1.20.10. | 4.6 |
| 2020-12-11 | CVE-2020-27825 | Race Condition vulnerability in multiple products A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). | 5.7 |
| 2020-12-03 | CVE-2020-27783 | Cross-site Scripting vulnerability in multiple products A XSS vulnerability was discovered in python-lxml's clean module. | 6.1 |
| 2020-12-03 | CVE-2020-14351 | Use After Free vulnerability in multiple products A flaw was found in the Linux kernel. | 4.6 |
| 2020-12-03 | CVE-2020-14318 | Incorrect Privilege Assignment vulnerability in multiple products A flaw was found in the way samba handled file and directory permissions. | 4.3 |
| 2020-12-02 | CVE-2020-25656 | Use After Free vulnerability in multiple products A flaw was found in the Linux kernel. | 4.1 |