High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-03	CVE-2020-27779	A flaw was found in grub2 in versions prior to 2.06. local high complexity gnu redhat fedoraproject netapp	7.5
2021-03-03	CVE-2020-25647	Out-of-bounds Write vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. low complexity gnu redhat fedoraproject netapp CWE-787	7.6
2021-03-03	CVE-2020-25632	Use After Free vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06. local low complexity gnu redhat fedoraproject netapp CWE-416	8.2
2021-03-03	CVE-2020-14372	Incomplete Blacklist vulnerability in multiple products A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. local high complexity gnu redhat fedoraproject netapp CWE-184	7.5
2021-02-23	CVE-2021-20194	Improper Input Validation vulnerability in multiple products There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). local low complexity linux redhat CWE-20	7.8
2021-02-23	CVE-2020-27782	Resource Exhaustion vulnerability in Redhat products A flaw was found in the Undertow AJP connector. network low complexity redhat CWE-400	7.8
2021-02-23	CVE-2020-14359	Authentication Bypass by Primary Weakness vulnerability in Redhat Louketo Proxy A vulnerability was found in all versions of Keycloak Gatekeeper, where on using lower case HTTP headers (via cURL) an attacker can bypass our Gatekeeper. network low complexity redhat CWE-305	7.5
2020-12-18	CVE-2020-27781	Insufficiently Protected Credentials vulnerability in multiple products User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. local low complexity redhat fedoraproject CWE-522	7.1
2020-12-11	CVE-2020-27786	Use After Free vulnerability in multiple products A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. local low complexity linux redhat netapp CWE-416	7.8
2020-12-08	CVE-2020-27822	Memory Leak vulnerability in Redhat Wildfly A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. network redhat CWE-401	7.1