Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-02 | CVE-2020-14383 | A flaw was found in samba's DNS server. | 6.5 |
| 2020-11-27 | CVE-2020-25708 | Divide By Zero vulnerability in multiple products A divide by zero issue was found to occur in libvncserver-0.9.12. | 7.5 |
| 2020-11-24 | CVE-2020-25640 | Information Exposure Through Log Files vulnerability in Redhat Wildfly A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file. | 5.3 |
| 2020-11-24 | CVE-2020-10763 | Information Exposure Through Log Files vulnerability in multiple products An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information. | 5.5 |
| 2020-11-24 | CVE-2020-10762 | Information Exposure Through Log Files vulnerability in Redhat Gluster-Block An information-disclosure flaw was found in the way that gluster-block before 0.5.1 logs the output from gluster-block CLI operations. | 5.5 |
| 2020-11-23 | CVE-2020-25688 | Use of Hard-coded Credentials vulnerability in Redhat Advanced Cluster Management for Kubernetes A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. | 3.5 |
| 2020-11-23 | CVE-2020-25660 | A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. | 8.8 |
| 2020-11-17 | CVE-2020-25705 | A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. | 7.4 |
| 2020-11-17 | CVE-2020-14389 | Use of Password Hash With Insufficient Computational Effort vulnerability in Redhat Keycloak It was found that Keycloak before version 12.0.0 would permit a user with only view-profile role to manage the resources in the new account console, allowing access and modification of data the user was not intended to have. | 8.1 |
| 2020-11-17 | CVE-2020-10776 | Cross-site Scripting vulnerability in Redhat Keycloak A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirect_uri parameter. | 4.8 |