VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Redhat
>
Enterprise Linux
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2020-05-08
CVE-2020-10690
Use After Free vulnerability in multiple products
There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation.
local
high complexity
linux
redhat
debian
canonical
opensuse
netapp
CWE-416
6.4
6.4
2020-04-29
CVE-2020-12458
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An information-disclosure flaw was found in Grafana through 6.7.3.
local
low complexity
grafana
redhat
fedoraproject
CWE-732
5.5
5.5
2020-04-28
CVE-2020-12430
Memory Leak vulnerability in Redhat Enterprise Linux and Libvirt
An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0.
network
low complexity
redhat
CWE-401
6.5
6.5
2020-04-27
CVE-2020-1722
A flaw was found in all ipa versions 4.x.x through 4.8.0.
network
high complexity
freeipa
redhat
5.3
5.3
2020-04-13
CVE-2020-1730
NULL Pointer Dereference vulnerability in multiple products
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers.
network
low complexity
libssh
canonical
netapp
redhat
fedoraproject
oracle
CWE-476
5.3
5.3
2020-04-10
CVE-2020-11669
An issue was discovered in the Linux kernel before 5.2 on the powerpc platform.
local
low complexity
linux
redhat
opensuse
5.5
5.5
2020-04-08
CVE-2020-2732
Information Exposure vulnerability in Redhat Enterprise Linux 7.0/8.0
A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled.
low complexity
redhat
CWE-200
6.8
6.8
2020-03-20
CVE-2019-10221
Cross-site Scripting vulnerability in multiple products
A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server.
network
low complexity
redhat
dogtagpki
CWE-79
6.1
6.1
2020-03-20
CVE-2019-10179
A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability.
network
low complexity
redhat
dogtagpki
6.1
6.1
2020-03-18
CVE-2019-10146
A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page.
network
high complexity
redhat
dogtagpki
4.7
4.7
«
Previous
1
2
...
32
33
34
(current)
35
36
...
60
61
»
Next