Vulnerabilities > Redhat > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-23 | CVE-2020-25688 | Use of Hard-coded Credentials vulnerability in Redhat Advanced Cluster Management for Kubernetes A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. | 3.5 |
| 2020-10-06 | CVE-2020-25743 | NULL Pointer Dereference vulnerability in multiple products hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call. | 3.2 |
| 2020-03-16 | CVE-2020-1736 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. | 3.3 |
| 2020-03-16 | CVE-2020-1738 | Argument Injection or Modification vulnerability in Redhat products A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. | 3.9 |
| 2020-03-12 | CVE-2020-1739 | Information Exposure vulnerability in multiple products A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. | 3.9 |
| 2020-02-14 | CVE-2020-8991 | Memory Leak vulnerability in Redhat Lvm2 2.02.00 vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanages memory, leading to an lvmetad memory leak, as demonstrated by running pvs. | 2.3 |
| 2020-01-31 | CVE-2015-6815 | Infinite Loop vulnerability in multiple products The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors. | 3.5 |
| 2020-01-15 | CVE-2020-2583 | Improper Handling of Exceptional Conditions vulnerability in multiple products Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). | 3.7 |
| 2020-01-15 | CVE-2020-2590 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). | 3.7 |
| 2020-01-15 | CVE-2020-2654 | Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). | 3.7 |