High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-11	CVE-2020-27786	A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. local low complexity linux redhat netapp	7.8
2020-12-08	CVE-2020-25692	A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. network low complexity openldap redhat netapp	7.5
2020-12-06	CVE-2020-29573	Out-of-bounds Write vulnerability in multiple products sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. network low complexity gnu redhat netapp CWE-787	7.5
2020-12-03	CVE-2020-27778	Access of Uninitialized Pointer vulnerability in multiple products A flaw was found in Poppler in the way certain PDF files were converted into HTML. network low complexity freedesktop redhat debian CWE-824	7.5
2020-12-03	CVE-2020-14351	A flaw was found in the Linux kernel. local low complexity linux redhat debian	7.8
2020-12-03	CVE-2020-14339	Unspecified vulnerability in Redhat Enterprise Linux and Libvirt A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. local low complexity redhat	8.8
2020-11-27	CVE-2020-25708	Divide By Zero vulnerability in multiple products A divide by zero issue was found to occur in libvncserver-0.9.12. network low complexity libvncserver-project redhat debian CWE-369	7.5
2020-11-23	CVE-2020-25660	A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. low complexity redhat fedoraproject	8.8
2020-11-17	CVE-2020-25705	A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. network high complexity linux redhat	7.4
2020-11-17	CVE-2020-14389	Use of Password Hash With Insufficient Computational Effort vulnerability in Redhat Keycloak It was found that Keycloak before version 12.0.0 would permit a user with only view-profile role to manage the resources in the new account console, allowing access and modification of data the user was not intended to have. network low complexity redhat CWE-916	8.1