Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2021-05-28 CVE-2021-20236 Classic Buffer Overflow vulnerability in multiple products
A flaw was found in the ZeroMQ server in versions before 4.3.3.
network
low complexity
zeromq redhat fedoraproject CWE-120
7.5
2021-05-28 CVE-2021-20239 Untrusted Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol.
local
low complexity
linux redhat fedoraproject CWE-822
2.1
2021-05-28 CVE-2021-20292 Use After Free vulnerability in multiple products
There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem.
local
low complexity
linux fedoraproject redhat CWE-416
7.2
2021-05-27 CVE-2020-14301 Improper Cross-Boundary Removal of Sensitive Data vulnerability in Redhat Enterprise Linux and Libvirt
An information disclosure vulnerability was found in libvirt in versions before 6.3.0.
network
low complexity
redhat CWE-212
4.0
2021-05-27 CVE-2020-14327 Server-Side Request Forgery (SSRF) vulnerability in Redhat Ansible Tower
A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and before 3.7.2.
local
low complexity
redhat CWE-918
2.1
2021-05-27 CVE-2020-14328 Server-Side Request Forgery (SSRF) vulnerability in Redhat Ansible Tower
A flaw was found in Ansible Tower in versions before 3.7.2.
local
low complexity
redhat CWE-918
2.1
2021-05-27 CVE-2020-14329 Information Exposure vulnerability in Redhat Ansible Tower
A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /api/v2/labels/ endpoint.
local
low complexity
redhat CWE-200
2.1
2021-05-27 CVE-2020-1702 Resource Exhaustion vulnerability in multiple products
A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform.
4.3
2021-05-27 CVE-2020-1761 Improperly Implemented Security Check for Standard vulnerability in Redhat Openshift
A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage.
network
redhat CWE-358
4.3
2021-05-27 CVE-2020-10688 Cross-Site Scripting vulnerability in Redhat Resteasy
A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs.
network
redhat CWE-79
4.3