Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-26	CVE-2020-35518	Information Exposure Through Discrepancy vulnerability in Redhat 389 Directory Server When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. network low complexity redhat CWE-203	5.3
2021-03-26	CVE-2020-35508	A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. local high complexity linux redhat netapp	4.5
2021-03-25	CVE-2021-3446	Use of Insufficiently Random Values vulnerability in multiple products A flaw was found in libtpms in versions before 0.8.2. local low complexity libtpms-project redhat fedoraproject CWE-330	5.5
2021-03-25	CVE-2021-3443	A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. local low complexity jasper-project redhat fedoraproject	5.5
2021-03-23	CVE-2021-3409	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. local low complexity qemu redhat fedoraproject debian CWE-119	5.7
2021-03-19	CVE-2019-10225	Unspecified vulnerability in Redhat Openshift and Openshift Container Platform A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. network low complexity redhat	6.3
2021-03-18	CVE-2021-3416	A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. local low complexity qemu fedoraproject redhat debian	6.0
2021-03-18	CVE-2019-3867	Unspecified vulnerability in Redhat Quay 2.0.0/3.0.0 A vulnerability was found in the Quay web application. low complexity redhat	4.1
2021-03-16	CVE-2019-3897	Unspecified vulnerability in Redhat Certification It has been discovered in redhat-certification that any unauthorized user may download any file under /var/www/rhcert, provided they know its name. network low complexity redhat	5.3
2021-03-11	CVE-2021-20261	A race condition was found in the Linux kernels implementation of the floppy disk drive controller driver software. local high complexity linux redhat	6.4