A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. Rated low severity (CVSS 2.5). Public exploit code available and no vendor patch available.
Oracle
Information Disclosure
Aws S3 Crypto Sdk
NVD
GitHub
CVSS 3.1
2.5
EPSS
0.2%
In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.
Denial Of Service
Qemu
Debian Linux
Ubuntu Linux
Leap
NVD
CVSS 3.1
3.8
EPSS
0.4%