The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of CentOS

Linux kernel: denial of service via NFS Umask
An attacker can trigger a fatal error via NFS Umask of the Linux kernel, in order to trigger a denial of service...
CERTFR-2021-AVI-078, CVE-2020-35513, RHBUG-1911309, RHSA-2021:0336-01, RHSA-2021:0338-01, VIGILANCE-VUL-34458
Node.js ini: privilege escalation via Prototype Pollution
An attacker can bypass restrictions via Prototype Pollution of Node.js ini, in order to escalate their privileges...
CVE-2020-7788, DLA-2503-1, NPM-1589, RHSA-2021:0421-01, RHSA-2021:0485-01, RHSA-2021:0521-01, RHSA-2021:0548-01, RHSA-2021:0549-01, RHSA-2021:0551-01, VIGILANCE-VUL-34091
Linux kernel: use after free via TIOCSPGRP
An attacker can force the usage of a freed memory area via TIOCSPGRP of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
CERTFR-2021-AVI-021, CERTFR-2021-AVI-035, CERTFR-2021-AVI-077, CERTFR-2021-AVI-078, CERTFR-2021-AVI-111, CERTFR-2021-AVI-120, CERTFR-2021-AVI-122, CERTFR-2021-AVI-125, CERTFR-2021-AVI-149, CVE-2020-29661, DLA-2557-1, DSA-4843-1, FEDORA-2020-b732958765, FEDORA-2020-bc0cc81a7a, openSUSE-SU-2021:0075-1, openSUSE-SU-2021:0242-1, RHSA-2021:0354-01, RHSA-2021:0537-01, RHSA-2021:0558-01, RHSA-2021:0686-01, RHSA-2021:0689-01, SUSE-SU-2021:0094-1, SUSE-SU-2021:0095-1, SUSE-SU-2021:0096-1, SUSE-SU-2021:0097-1, SUSE-SU-2021:0098-1, SUSE-SU-2021:0108-1, SUSE-SU-2021:0117-1, SUSE-SU-2021:0118-1, SUSE-SU-2021:0133-1, SUSE-SU-2021:0434-1, SUSE-SU-2021:0437-1, SUSE-SU-2021:0438-1, SUSE-SU-2021:0452-1, SUSE-SU-2021:14630-1, USN-4748-1, USN-4749-1, USN-4750-1, USN-4751-1, USN-4752-1, VIGILANCE-VUL-34082
Linux kernel: use after free via blkdev_get
An attacker can force the usage of a freed memory area via blkdev_get of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
CERTFR-2020-AVI-794, CERTFR-2020-AVI-811, CERTFR-2020-AVI-837, CERTFR-2021-AVI-021, CERTFR-2021-AVI-078, CERTFR-2021-AVI-111, CERTFR-2021-AVI-120, CERTFR-2021-AVI-125, CERTFR-2021-AVI-149, CVE-2020-15436, openSUSE-SU-2020:1153-1, openSUSE-SU-2020:2161-1, openSUSE-SU-2020:2193-1, openSUSE-SU-2020:2260-1, openSUSE-SU-2021:0242-1, RHSA-2021:0336-01, RHSA-2021:0338-01, RHSA-2021:0354-01, SUSE-SU-2020:3713-1, SUSE-SU-2020:3717-1, SUSE-SU-2020:3718-1, SUSE-SU-2020:3748-1, SUSE-SU-2020:3764-1, SUSE-SU-2020:3766-1, SUSE-SU-2020:3798-1, SUSE-SU-2021:0097-1, SUSE-SU-2021:0098-1, SUSE-SU-2021:0434-1, SUSE-SU-2021:0437-1, SUSE-SU-2021:0438-1, SUSE-SU-2021:0452-1, SUSE-SU-2021:14630-1, USN-4752-1, VIGILANCE-VUL-34039
Node.js Ajv: privilege escalation via Prototype Pollution
An attacker can bypass restrictions via Prototype Pollution of Node.js Ajv, in order to escalate their privileges...
CVE-2020-15366, RHSA-2020:5305-01, RHSA-2020:5499-01, RHSA-2021:0421-01, RHSA-2021:0521-01, RHSA-2021:0548-01, RHSA-2021:0551-01, VIGILANCE-VUL-34016
Node.js y18n: privilege escalation via Prototype Pollution
An attacker can bypass restrictions via Prototype Pollution of Node.js y18n, in order to escalate their privileges...
CVE-2020-7774, RHSA-2020:5305-01, RHSA-2020:5499-01, RHSA-2021:0421-01, RHSA-2021:0521-01, RHSA-2021:0548-01, RHSA-2021:0551-01, VIGILANCE-VUL-34015
X.Org Server: buffer overflow via XkbSetDeviceInfo
An attacker can trigger a buffer overflow via XkbSetDeviceInfo of X.Org Server, in order to trigger a denial of service, and possibly to run code...
CVE-2020-25712, DLA-2486-1, DSA-4803-1, FEDORA-2020-c8a7df24d4, FEDORA-2020-e82f9b80eb, openSUSE-SU-2020:2147-1, openSUSE-SU-2020:2186-1, RHSA-2020:5408-01, SUSE-SU-2020:14553-1, SUSE-SU-2020:3582-1, SUSE-SU-2020:3585-1, SUSE-SU-2020:3586-1, SUSE-SU-2020:3587-1, SUSE-SU-2020:3588-1, SUSE-SU-2020:3589-1, USN-4656-1, USN-4656-2, VIGILANCE-VUL-34014
X.Org Server: out-of-bounds memory reading via XkbSetMap
An attacker can force a read at an invalid address via XkbSetMap of X.Org Server, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2020-14360, DLA-2486-1, DSA-4803-1, FEDORA-2020-c8a7df24d4, FEDORA-2020-e82f9b80eb, openSUSE-SU-2020:2147-1, openSUSE-SU-2020:2186-1, RHSA-2020:5408-01, SUSE-SU-2020:14553-1, SUSE-SU-2020:3582-1, SUSE-SU-2020:3585-1, SUSE-SU-2020:3586-1, SUSE-SU-2020:3587-1, SUSE-SU-2020:3588-1, SUSE-SU-2020:3589-1, USN-4656-1, USN-4656-2, VIGILANCE-VUL-34013
Go: code execution via Argument Injection
An attacker can exploit an Argument Injection vulnerability of Go, in order to run code...
CVE-2020-28367, DLA-2460-1, openSUSE-SU-2020:2047-1, openSUSE-SU-2020:2067-1, openSUSE-SU-2020:2139-1, RHSA-2020:5493-01, SUSE-SU-2020:3368-1, SUSE-SU-2020:3369-1, VIGILANCE-VUL-33936
Go: code execution via Code Injection
An attacker can exploit a Code Injection vulnerability of Go, in order to run code...
CVE-2020-28366, openSUSE-SU-2020:2047-1, openSUSE-SU-2020:2067-1, openSUSE-SU-2020:2139-1, RHSA-2020:5493-01, SUSE-SU-2020:3368-1, SUSE-SU-2020:3369-1, VIGILANCE-VUL-33935