|
631
|
4.9
4.0
|
MEDIUM
Network
|
A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if b…
|
-
|
CVE-2020-35513
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 14:27
2021-01-27
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
632
|
5.9
4.3
|
MEDIUM
Network
|
A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. T…
|
-
|
CVE-2020-25657
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*
|
|
|
|
|
2024-11-21 14:18
2021-01-13
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
633
|
5.5
4.3
|
MEDIUM
Local
|
There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest im…
|
-
|
CVE-2020-27842
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 14:21
2021-01-6
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
634
|
5.5
4.3
|
MEDIUM
Local
|
There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to caus…
|
-
|
CVE-2020-35507
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 14:27
2021-01-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
635
|
9.8
10.0
|
CRITICAL
Network
|
A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity,…
|
-
|
CVE-2020-27846
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 14:21
2020-12-22
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
636
|
6.7
7.2
|
MEDIUM
Local
|
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors …
|
-
|
CVE-2020-27777
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:21
2020-12-16
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
637
|
7.8
4.6
|
HIGH
Local
|
A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data …
|
-
|
CVE-2020-25712
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 14:18
2020-12-16
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
638
|
5.7
5.4
|
MEDIUM
Local
|
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, m…
|
-
|
CVE-2020-27825
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 14:21
2020-12-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
639
|
7.8
7.2
|
HIGH
Local
|
A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue.…
|
-
|
CVE-2020-27786
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 14:21
2020-12-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
640
|
7.5
5.0
|
HIGH
Network
|
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sen…
|
-
|
CVE-2020-25692
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:18
2020-12-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|