Vulnerabilities > Redhat > Low

DATE CVE VULNERABILITY TITLE RISK
2020-11-23 CVE-2020-25688 Use of Hard-coded Credentials vulnerability in Redhat Advanced Cluster Management for Kubernetes
A flaw was found in rhacm versions before 2.0.5 and before 2.1.0.
low complexity
redhat CWE-798
3.5
2020-10-06 CVE-2020-25743 NULL Pointer Dereference vulnerability in multiple products
hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.
local
low complexity
qemu redhat CWE-476
3.2
2020-03-16 CVE-2020-1736 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified.
local
low complexity
redhat fedoraproject CWE-732
3.3
2020-03-16 CVE-2020-1738 Argument Injection or Modification vulnerability in Redhat products
A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified.
local
high complexity
redhat CWE-88
3.9
2020-03-12 CVE-2020-1739 A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node.
local
low complexity
redhat fedoraproject debian
3.9
2020-02-14 CVE-2020-8991 Memory Leak vulnerability in Redhat Lvm2 2.02.00
vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanages memory, leading to an lvmetad memory leak, as demonstrated by running pvs.
local
low complexity
redhat CWE-401
2.3
2020-01-31 CVE-2015-6815 Infinite Loop vulnerability in multiple products
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.
3.5
2020-01-15 CVE-2020-2583 Improper Handling of Exceptional Conditions vulnerability in multiple products
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).
3.7
2020-01-15 CVE-2020-2590 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security).
network
high complexity
oracle redhat debian canonical opensuse mcafee netapp
3.7
2020-01-15 CVE-2020-2654 Vulnerability in the Java SE product of Oracle Java SE (component: Libraries).
network
high complexity
oracle redhat debian canonical netapp mcafee opensuse
3.7