NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2024-38474 

Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Some RewriteRules that capture and substitute unsafely will now fail unless rewrite flag "UnsafeAllow3F" is specified.

NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2022-23219 

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2022-44840 

Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c.

NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2022-48560 

A use-after-free exists in Python through 3.9 via heappushpop in heapq.

NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2023-43804 

urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn't disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5.

NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2024-38475

Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected.  Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained.

NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2023-26604 

systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.

NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2023-5156 

A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.

NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2021-37322 

GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.

NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2020-8037 

The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.