• CVE-2023-5156

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2023-5156 

    A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.

    CVE-2023-5156
    CentOS
    CentOS 7
    2.17-326_ol005.el7_9.3
    glibc
    7.5

  • CVE-2024-38428

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2024-38428

    url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.

    CVE-2024-38428
    CentOS
    CentOS 7
    1.14-18_ol001.el7.1
    wget
    9.1

  • CVE-2021-45078

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2021-45078 

    stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699.

    CVE-2021-45078
    CentOS
    CentOS 7
    2.27-44.base_ol001.el7.1
    binutils
    7.8

  • CVE-2022-29404

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2022-29404 

    In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.

    CVE-2022-29404
    CentOS
    CentOS 7
    2.4.6-99_ol004.el7.1
    httpd
    7.5

  • CVE-2023-4806

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2023-4806 

    A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.

    CVE-2023-4806
    CentOS
    CentOS 7
    2.17-326_ol005.el7_9.3
    glibc
    5.9

  • CVE-2017-8804

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2017-8804 

    The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references

    CVE-2017-8804
    CentOS
    CentOS 7
    2.17-326_ol007.el7_9.3
    glibc
    7.5

  • CVE-2024-24795

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2024-24795 

    HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue.

    CVE-2024-24795
    CentOS
    CentOS 7
    2.4.6-99_ol006.el7.1
    httpd
    n/a

  • CVE-2024-1975

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2024-1975 

    If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. This issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.

    CVE-2024-1975
    CentOS
    CentOS 7
    9.11.4-26.P2_ol001.el7_9.16
    bind
    7.5