Vulnerabilities > Redhat > Enterprise MRG > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-12-11 CVE-2020-27825 A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1).
local
high complexity
linux redhat debian netapp
5.7
2020-05-12 CVE-2020-12826 Integer Overflow or Wraparound vulnerability in multiple products
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2.
local
low complexity
linux redhat canonical CWE-190
5.3
2019-11-06 CVE-2014-8181 Improper Initialization vulnerability in Redhat Enterprise Linux and Enterprise MRG
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.
local
low complexity
redhat CWE-665
5.5
2019-11-05 CVE-2013-6461 XML Entity Expansion vulnerability in multiple products
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
network
low complexity
nokogiri debian redhat CWE-776
6.5
2019-11-05 CVE-2013-6460 XML Entity Expansion vulnerability in multiple products
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
network
low complexity
nokogiri debian redhat CWE-776
6.5
2019-04-11 CVE-2019-3459 Out-of-bounds Read vulnerability in multiple products
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.
6.5
2018-02-09 CVE-2014-8171 Resource Management Errors vulnerability in multiple products
The memory resource controller (aka memcg) in the Linux kernel allows local users to cause a denial of service (deadlock) by spawning new processes within a memory-constrained cgroup.
local
low complexity
linux redhat CWE-399
5.5
2018-01-14 CVE-2017-15128 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12.
local
low complexity
linux redhat CWE-119
5.5
2018-01-14 CVE-2017-15127 A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.
local
low complexity
linux redhat
5.5
2017-10-18 CVE-2014-3706 Improper Certificate Validation vulnerability in Redhat Enterprise MRG 3.0
ovirt-engine, as used in Red Hat MRG 3, allows man-in-the-middle attackers to spoof servers by leveraging failure to verify key attributes in vdsm X.509 certificates.
network
high complexity
redhat CWE-295
5.9