Enterprise MRG

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-11	CVE-2020-27825	Race Condition vulnerability in multiple products A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). local high complexity linux redhat debian netapp CWE-362	5.7
2020-12-11	CVE-2020-27786	Use After Free vulnerability in multiple products A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. local low complexity linux redhat netapp CWE-416	7.8
2020-09-09	CVE-2020-1749	Cleartext Transmission of Sensitive Information vulnerability in multiple products A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. network low complexity linux redhat CWE-319	7.5
2020-06-09	CVE-2020-10757	Type Confusion vulnerability in multiple products A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. local low complexity linux opensuse redhat fedoraproject debian canonical netapp CWE-843	7.8
2020-05-12	CVE-2020-12826	Integer Overflow or Wraparound vulnerability in multiple products A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. local linux redhat canonical CWE-190	4.4
2020-05-08	CVE-2019-14898	Improper Locking vulnerability in multiple products The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. local high complexity linux redhat CWE-667	7.0
2020-02-19	CVE-2012-6685	XML Entity Expansion vulnerability in multiple products Nokogiri before 1.5.4 is vulnerable to XXE attacks network low complexity nokogiri redhat CWE-776	5.0
2019-11-21	CVE-2012-3460	Improper Input Validation vulnerability in Redhat Enterprise MRG 2.0 cumin: At installation postgresql database user created without password network low complexity redhat CWE-20	7.5
2019-11-06	CVE-2014-8181	Improper Initialization vulnerability in Redhat Enterprise Linux and Enterprise MRG The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace. local low complexity redhat CWE-665	2.1
2019-11-05	CVE-2013-6461	XML Entity Expansion vulnerability in multiple products Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits network nokogiri debian redhat CWE-776	4.3