|
691
|
6.4
4.4
|
MEDIUM
Local
|
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported direc…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2020-15705
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 14:06
2020-07-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
692
|
4.2
4.0
|
MEDIUM
Network
|
libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subject…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-15719
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 14:06
2020-07-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
693
|
5.5
2.1
|
MEDIUM
Local
|
A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2019-19338
|
cpe:2.3:o:redhat:enterprise_linux:6.0:*
|
|
|
|
|
2024-11-21 13:34
2020-07-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
694
|
6.5
2.1
|
MEDIUM
Local
|
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo reques…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-10756
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 13:56
2020-07-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
695
|
5.5
2.1
|
MEDIUM
Local
|
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-10769
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:56
2020-06-27
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
696
|
5.0
4.0
|
MEDIUM
Network
|
An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near th…
|
CWE-617
Reachable Assertion
|
CVE-2020-10761
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:56
2020-06-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
697
|
7.8
6.9
|
HIGH
Local
|
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privi…
|
CWE-119 CWE-843
Incorrect Access of Indexable Resource ('Range Error') Type Confusion
|
CVE-2020-10757
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:56
2020-06-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
698
|
6.0
6.0
|
MEDIUM
Network
|
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A m…
|
NVD-CWE-Other
|
CVE-2020-10749
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:55
2020-06-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
699
|
5.9
4.3
|
MEDIUM
Network
|
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's categor…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-10711
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 13:55
2020-05-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
700
|
5.3
4.4
|
MEDIUM
Local
|
A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-12826
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:00
2020-05-13
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|