Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-16 | CVE-2020-10748 | Cross-site Scripting vulnerability in Redhat Keycloak and Single Sign-On A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. | 6.1 |
| 2020-09-16 | CVE-2020-10715 | Improper Input Validation vulnerability in Redhat Openshift A content spoofing vulnerability was found in the openshift/console 3.11 and 4.x. | 4.3 |
| 2020-09-16 | CVE-2020-1710 | Unspecified vulnerability in Redhat products The issue appears to be that JBoss EAP 6.4.21 does not parse the field-name in accordance to RFC7230[1] as it returns a 200 instead of a 400. | 5.3 |
| 2020-09-15 | CVE-2020-14331 | A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. | 6.6 |
| 2020-09-15 | CVE-2020-10759 | Unspecified vulnerability in Redhat Enterprise Linux 7.0/8.0 A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. | 6.0 |
| 2020-09-11 | CVE-2020-14332 | A flaw was found in the Ansible Engine when using module_args. | 5.5 |
| 2020-09-11 | CVE-2020-14330 | Information Exposure Through Log Files vulnerability in multiple products An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. | 5.5 |
| 2020-09-03 | CVE-2020-14373 | Use After Free vulnerability in multiple products A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. | 5.5 |
| 2020-08-31 | CVE-2020-14364 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. | 5.0 |
| 2020-08-24 | CVE-2020-10775 | Open Redirect vulnerability in multiple products An Open redirect vulnerability was found in ovirt-engine versions 4.4 and earlier, where it allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks. | 5.3 |