Vulnerabilities > Redhat > Enterprise Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-02 | CVE-2020-14383 | A flaw was found in samba's DNS server. | 6.5 |
| 2020-11-17 | CVE-2020-25705 | Use of Insufficiently Random Values vulnerability in multiple products A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. | 5.8 |
| 2020-11-05 | CVE-2020-25662 | Improper Initialization vulnerability in Redhat Enterprise Linux 8.3 A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. | 6.5 |
| 2020-10-07 | CVE-2020-14355 | Classic Buffer Overflow vulnerability in multiple products Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. | 6.6 |
| 2020-10-06 | CVE-2020-25641 | Infinite Loop vulnerability in multiple products A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. | 5.5 |
| 2020-09-23 | CVE-2020-14370 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. | 5.3 |
| 2020-09-15 | CVE-2020-14331 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. | 6.6 |
| 2020-09-15 | CVE-2020-10759 | Improper Verification of Cryptographic Signature vulnerability in Redhat Enterprise Linux 7.0/8.0 A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. | 6.0 |
| 2020-09-14 | CVE-2020-0570 | Untrusted Search Path vulnerability in multiple products Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. | 4.4 |
| 2020-09-03 | CVE-2020-14373 | Use After Free vulnerability in multiple products A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. | 5.5 |