Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-26	CVE-2020-10769	Out-of-bounds Read vulnerability in multiple products A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. local low complexity redhat opensuse CWE-125	5.5
2020-06-26	CVE-2020-10753	Injection vulnerability in multiple products A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). network low complexity redhat fedoraproject opensuse linuxfoundation canonical CWE-74	6.5
2020-06-22	CVE-2020-1727	Improper Input Validation vulnerability in Redhat Keycloak A vulnerability was found in Keycloak before 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. network low complexity redhat CWE-20	5.4
2020-06-22	CVE-2019-3865	Cross-site Scripting vulnerability in Redhat Quay 2.0.0 A vulnerability was found in quay-2, where a stored XSS vulnerability has been found in the super user function of quay. network low complexity redhat CWE-79	6.1
2020-06-18	CVE-2020-10782	Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Ansible Tower 3.7.0 An exposure of sensitive information flaw was found in Ansible version 3.7.0. local low complexity redhat CWE-732	6.5
2020-06-15	CVE-2018-16848	Resource Exhaustion vulnerability in Redhat Openstack-Mistral A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. network low complexity redhat CWE-400	6.5
2020-06-10	CVE-2020-10755	Insufficiently Protected Credentials vulnerability in multiple products An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. network low complexity redhat canonical CWE-522	6.5
2020-06-09	CVE-2020-10761	Reachable Assertion vulnerability in multiple products An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. network low complexity qemu redhat opensuse canonical CWE-617	5.0
2020-06-03	CVE-2020-10749	A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. network high complexity linuxfoundation redhat fedoraproject	6.0
2020-06-02	CVE-2020-10703	NULL Pointer Dereference vulnerability in Redhat Libvirt A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. network low complexity redhat CWE-476	6.5