Vulnerabilities > Redhat > Enterprise MRG

DATE CVE VULNERABILITY TITLE RISK
2020-12-11 CVE-2020-27825 A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1).
local
high complexity
linux redhat debian netapp
5.7
2020-12-11 CVE-2020-27786 A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue.
local
low complexity
linux redhat netapp
7.8
2020-09-09 CVE-2020-1749 A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6.
network
low complexity
linux redhat
7.5
2020-06-09 CVE-2020-10757 Type Confusion vulnerability in multiple products
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages.
7.8
2020-05-12 CVE-2020-12826 Integer Overflow or Wraparound vulnerability in multiple products
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2.
local
low complexity
linux redhat canonical CWE-190
5.3
2020-05-08 CVE-2019-14898 The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete.
local
high complexity
linux redhat
7.0
2020-02-19 CVE-2012-6685 XML Entity Expansion vulnerability in multiple products
Nokogiri before 1.5.4 is vulnerable to XXE attacks
network
low complexity
nokogiri redhat CWE-776
7.5
2019-11-21 CVE-2012-3460 Improper Input Validation vulnerability in Redhat Enterprise MRG 2.0
cumin: At installation postgresql database user created without password
network
low complexity
redhat CWE-20
critical
9.8
2019-11-06 CVE-2014-8181 Improper Initialization vulnerability in Redhat Enterprise Linux and Enterprise MRG
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.
local
low complexity
redhat CWE-665
5.5
2019-11-05 CVE-2013-6461 XML Entity Expansion vulnerability in multiple products
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
network
low complexity
nokogiri debian redhat CWE-776
6.5