Vulnerabilities > Redhat > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-15 | CVE-2020-2659 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). | 3.7 |
| 2020-01-09 | CVE-2010-3282 | Cleartext Storage of Sensitive Information vulnerability in multiple products 389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log. | 3.3 |
| 2019-12-10 | CVE-2019-13762 | Improper Locking vulnerability in multiple products Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code. | 3.3 |
| 2019-12-06 | CVE-2012-2148 | Improper Privilege Management vulnerability in Redhat products An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies | 3.3 |
| 2019-11-27 | CVE-2012-6655 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords. | 3.3 |
| 2019-11-27 | CVE-2016-4980 | Use of Insufficiently Random Values vulnerability in multiple products A password generation weakness exists in xquest through 2016-06-13. | 2.5 |
| 2019-11-09 | CVE-2009-3552 | Improper Certificate Validation vulnerability in Redhat Enterprise Virtualization Manager 2.2 In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manager. | 3.1 |
| 2019-11-05 | CVE-2016-4983 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files. | 3.3 |
| 2019-11-05 | CVE-2016-1000002 | Information Exposure vulnerability in multiple products gdm3 3.14.2 and possibly later has an information leak before screen lock | 2.4 |
| 2019-10-16 | CVE-2019-2945 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). | 3.1 |