The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of CentOS

Apache Tomcat: code execution via Enabled AJP Connector
An attacker can use a vulnerability via Enabled AJP Connector of Apache Tomcat, in order to run code...
bulletinapr2020, CERTFR-2020-AVI-112, cpujul2020, CVE-2020-1938, DLA-2133-1, DLA-2209-1, DSA-4673-1, DSA-4680-1, FEDORA-2020-04ac174fa9, FEDORA-2020-c870aa8378, HPESBUX04015, openSUSE-SU-2020:0345-1, openSUSE-SU-2020:0597-1, RHSA-2020:0855-01, RHSA-2020:0912-01, RHSA-2020:1478-01, RHSA-2020:1479-01, RHSA-2020:2779-01, RHSA-2020:2780-01, RHSA-2020:2781-01, RHSA-2020:2783-01, RHSA-2020:2840-01, SUSE-SU-2020:0598-1, SUSE-SU-2020:0631-1, SUSE-SU-2020:0632-1, SUSE-SU-2020:0725-1, SUSE-SU-2020:1111-1, SUSE-SU-2020:1126-1, SUSE-SU-2020:1272-1, SUSE-SU-2020:14342-1, VIGILANCE-VUL-31664
MariaDB: privilege escalation via wsrep_provider/notify_cmd
An attacker can bypass restrictions via wsrep_provider/notify_cmd of MariaDB, in order to escalate his privileges...
CVE-2021-27928, DLA-2605-1, RHSA-2021:1240-01, RHSA-2021:1241-01, RHSA-2021:1242-01, VIGILANCE-VUL-34894
Linux kernel: memory leak via unix_stream_recvmsg
An attacker can create a memory leak via unix_stream_recvmsg() of the Linux kernel, in order to trigger a denial of service...
CERTFR-2021-AVI-201, CERTFR-2021-AVI-303, CVE-2021-20265, RHBUG-1908827, RHSA-2021:0856-01, RHSA-2021:0857-01, RHSA-2021:1288-01, VIGILANCE-VUL-34830
Linux kernel: information disclosure via iscsi_host_get_param
A local attacker can read a memory fragment via iscsi_host_get_param() of the Linux kernel, in order to obtain sensitive information...
CERTFR-2021-AVI-191, CERTFR-2021-AVI-211, CERTFR-2021-AVI-217, CERTFR-2021-AVI-220, CERTFR-2021-AVI-241, CERTFR-2021-AVI-242, CERTFR-2021-AVI-264, CERTFR-2021-AVI-266, CERTFR-2021-AVI-278, CERTFR-2021-AVI-284, CERTFR-2021-AVI-303, CERTFR-2021-AVI-312, CERTFR-2021-AVI-324, CVE-2021-27365, DLA-2586-1, DLA-2610-1, openSUSE-SU-2021:0532-1, RHSA-2021:1069-01, RHSA-2021:1070-01, RHSA-2021:1071-01, RHSA-2021:1081-01, RHSA-2021:1093-01, RHSA-2021:1171-01, RHSA-2021:1173-01, RHSA-2021:1267-01, RHSA-2021:1272-01, RHSA-2021:1279-01, RHSA-2021:1288-01, RHSA-2021:1289-01, RHSA-2021:1295-01, RHSA-2021:1373-01, RHSA-2021:1376-01, RHSA-2021:1377-01, SSA:2021-072-01, SUSE-SU-2021:1175-1, SUSE-SU-2021:1176-1, SUSE-SU-2021:1177-1, SUSE-SU-2021:1210-1, SUSE-SU-2021:1211-1, SUSE-SU-2021:1238-1, USN-4883-1, USN-4887-1, USN-4889-1, USN-4901-1, VIGILANCE-VUL-34764
Linux kernel: read-write access via iscsi_if_recv_msg
An attacker can bypass access restrictions via iscsi_if_recv_msg() of the Linux kernel, in order to read or alter data...
CERTFR-2021-AVI-191, CERTFR-2021-AVI-211, CERTFR-2021-AVI-217, CERTFR-2021-AVI-220, CERTFR-2021-AVI-241, CERTFR-2021-AVI-242, CERTFR-2021-AVI-264, CERTFR-2021-AVI-266, CERTFR-2021-AVI-278, CERTFR-2021-AVI-284, CERTFR-2021-AVI-303, CERTFR-2021-AVI-312, CERTFR-2021-AVI-324, CVE-2021-27364, DLA-2586-1, DLA-2610-1, openSUSE-SU-2021:0532-1, RHSA-2021:1069-01, RHSA-2021:1070-01, RHSA-2021:1071-01, RHSA-2021:1081-01, RHSA-2021:1093-01, RHSA-2021:1171-01, RHSA-2021:1173-01, RHSA-2021:1267-01, RHSA-2021:1272-01, RHSA-2021:1279-01, RHSA-2021:1288-01, RHSA-2021:1289-01, RHSA-2021:1295-01, RHSA-2021:1373-01, RHSA-2021:1376-01, RHSA-2021:1377-01, SSA:2021-072-01, SUSE-SU-2021:1175-1, SUSE-SU-2021:1176-1, SUSE-SU-2021:1177-1, SUSE-SU-2021:1210-1, SUSE-SU-2021:1211-1, SUSE-SU-2021:1238-1, USN-4883-1, USN-4887-1, USN-4889-1, USN-4901-1, VIGILANCE-VUL-34763
Linux kernel: read-write access via iSCSI show_transport_handle
An attacker can bypass access restrictions via iSCSI show_transport_handle() of the Linux kernel, in order to read or alter data...
CERTFR-2021-AVI-191, CERTFR-2021-AVI-211, CERTFR-2021-AVI-217, CERTFR-2021-AVI-220, CERTFR-2021-AVI-241, CERTFR-2021-AVI-242, CERTFR-2021-AVI-264, CERTFR-2021-AVI-266, CERTFR-2021-AVI-278, CERTFR-2021-AVI-284, CERTFR-2021-AVI-303, CERTFR-2021-AVI-312, CERTFR-2021-AVI-324, CVE-2021-27363, DLA-2586-1, DLA-2610-1, openSUSE-SU-2021:0532-1, RHSA-2021:1070-01, RHSA-2021:1071-01, RHSA-2021:1081-01, RHSA-2021:1093-01, RHSA-2021:1171-01, RHSA-2021:1267-01, RHSA-2021:1272-01, RHSA-2021:1279-01, RHSA-2021:1289-01, RHSA-2021:1373-01, RHSA-2021:1376-01, SSA:2021-072-01, SUSE-SU-2021:1175-1, SUSE-SU-2021:1176-1, SUSE-SU-2021:1177-1, SUSE-SU-2021:1210-1, SUSE-SU-2021:1211-1, SUSE-SU-2021:1238-1, USN-4883-1, USN-4887-1, USN-4889-1, USN-4901-1, VIGILANCE-VUL-34762
GRUB2: multiple vulnerabilities
An attacker can use several vulnerabilities of GRUB2...
CERTFR-2021-AVI-172, CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233, CVE-2021-3418, DSA-4867-1, FEDORA-2021-5497f7409b, FEDORA-2021-f6c91e2b75, HPESBHF04116, openSUSE-SU-2021:0462-1, RHSA-2021:0696-01, RHSA-2021:0697-01, RHSA-2021:0698-01, RHSA-2021:0699-01, RHSA-2021:0700-01, RHSA-2021:0701-01, RHSA-2021:0702-01, RHSA-2021:0703-01, RHSA-2021:0704-01, SUSE-SU-2021:0679-1, SUSE-SU-2021:0681-1, SUSE-SU-2021:0682-1, SUSE-SU-2021:0683-1, SUSE-SU-2021:0684-1, SUSE-SU-2021:0685-1, SUSE-SU-2021:14659-1, VIGILANCE-VUL-34733
Podman: file reading via Container Files
A local attacker can read a file via Container Files of Podman, in order to obtain sensitive information...
CVE-2021-20188, RHSA-2021:0681-01, RHSA-2021:0705-01, RHSA-2021:0706-01, RHSA-2021:0710-01, VIGILANCE-VUL-34715
Node Core: code execution via DNS Rebinding Localhost6
An attacker can use a vulnerability via DNS Rebinding Localhost6 of Node Core, in order to run code...
CVE-2021-22884, DSA-4863-1, FEDORA-2021-a760169c3c, FEDORA-2021-f6bd75e9d4, openSUSE-SU-2021:0356-1, openSUSE-SU-2021:0357-1, openSUSE-SU-2021:0372-1, openSUSE-SU-2021:0389-1, RHSA-2021:0734-01, RHSA-2021:0735-01, RHSA-2021:0738-01, RHSA-2021:0739-01, RHSA-2021:0740-01, RHSA-2021:0741-01, RHSA-2021:0744-01, RHSA-2021:0827-01, RHSA-2021:0830-01, RHSA-2021:0831-01, SUSE-SU-2021:0648-1, SUSE-SU-2021:0649-1, SUSE-SU-2021:0650-1, SUSE-SU-2021:0651-1, SUSE-SU-2021:0673-1, SUSE-SU-2021:0674-1, SUSE-SU-2021:0686-1, VIGILANCE-VUL-34655
GNU Screen: memory corruption via UTF-8 Character Sequence
An attacker can trigger a memory corruption via UTF-8 Character Sequence of GNU Screen, in order to trigger a denial of service, and possibly to run code...
CVE-2021-26937, DLA-2570-1, DSA-4861-1, FEDORA-2021-5e9894a0c5, FEDORA-2021-9107eeb95c, openSUSE-SU-2021:0304-1, RHSA-2021:0742-01, SUSE-SU-2021:0491-1, SUSE-SU-2021:0492-1, USN-4747-1, USN-4747-2, VIGILANCE-VUL-34605
Our database contains other pages. You can request a free trial to read them.

Display information about CentOS: