|
701
|
6.4
4.4
|
MEDIUM
Local
|
There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp…
|
CWE-416
Use After Free
|
CVE-2020-10690
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:55
2020-05-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
702
|
5.5
2.1
|
MEDIUM
Local
|
An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposur…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-12458
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:59
2020-04-30
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
703
|
6.5
4.0
|
MEDIUM
Network
|
An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is respons…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-12430
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 13:59
2020-04-29
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
704
|
5.3
5.4
|
MEDIUM
Network
|
A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading …
|
-
|
CVE-2020-1722
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:11
2020-04-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
705
|
7.0
5.9
|
HIGH
Local
|
An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when stor…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-1751
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 14:11
2020-04-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
706
|
7.5
5.0
|
HIGH
Network
|
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissi…
|
CWE-346
Origin Validation Error
|
CVE-2020-11868
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:58
2020-04-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
707
|
5.3
5.0
|
MEDIUM
Network
|
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been f…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-1730
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 14:11
2020-04-14
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
708
|
5.5
2.1
|
MEDIUM
Local
|
An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, …
|
NVD-CWE-noinfo
|
CVE-2020-11669
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:58
2020-04-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
709
|
6.8
2.3
|
MEDIUM
Adjacent
|
A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 gu…
|
CWE-200
Information Exposure
|
CVE-2020-2732
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 14:26
2020-04-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
710
|
8.8
9.3
|
HIGH
Network
|
A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write…
|
CWE-22
Path Traversal
|
CVE-2020-10696
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:55
2020-04-1
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|