Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-01 | CVE-2021-20306 | Unspecified vulnerability in Redhat Descision Manager, Jbpm and Process Automation A flaw was found in the BPMN editor in version jBPM 7.51.0.Final. | 4.3 |
| 2021-06-01 | CVE-2021-3543 | Use After Free vulnerability in multiple products A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. | 6.7 |
| 2021-05-28 | CVE-2021-3514 | NULL Pointer Dereference vulnerability in Redhat 389 Directory Server When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash. | 6.5 |
| 2021-05-28 | CVE-2020-1729 | Incorrect Authorization vulnerability in Redhat Smallrye Config A flaw was found in SmallRye's API through version 1.6.1. | 4.4 |
| 2021-05-28 | CVE-2020-27826 | Execution with Unnecessary Privileges vulnerability in Redhat Keycloak A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using Account REST API. | 4.2 |
| 2021-05-28 | CVE-2021-20201 | A flaw was found in spice in versions before 0.14.92. | 5.3 |
| 2021-05-28 | CVE-2021-20292 | Use After Free vulnerability in multiple products There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. | 6.7 |
| 2021-05-27 | CVE-2020-14301 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An information disclosure vulnerability was found in libvirt in versions before 6.3.0. | 6.5 |
| 2021-05-27 | CVE-2020-14327 | Server-Side Request Forgery (SSRF) vulnerability in Redhat Ansible Tower A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and before 3.7.2. | 5.5 |
| 2021-05-27 | CVE-2020-1761 | Unspecified vulnerability in Redhat Openshift A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage. | 6.1 |