• CVE-2016-4738

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2016-4738 

    libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

    CVE-2016-4738
    CentOS
    CentOS 7
    1.1.28-6_ol001.el7
    libxslt
    8.8

  • CentOS End of Life Guide for Enterprise

    Resources for CentOS end of life including migration tips, CentOS alternatives, and support for EOL deployments.

  • EOL Software Risks

    In this video, learn about EOL software risks including non-compliance, exploited CVEs, and compatibility issues that can negatively impact your business.

  • CVE-2025-26465

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2025-26465 

    A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

    CVE-2025-26465
    CentOS
    CentOS 7
    7.4p1-23_ol007.el7
    openssh
    6.8

  • CVE-2019-3859

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2019-3859 

    An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

    Note: Red Hat has scored this vulnerability as 5.0 (Medium), based on distribution-specific mitigations.

    CVE-2019-3859
    CentOS
    CentOS 7
    1.8.0-4_ol002.el7_9.1
    libssh2
    9.1

  • CVE-2019-3860

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2019-3860 

    An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

    Note: Red Hat has scored this vulnerability as 5.0 (Medium), based on distribution-specific mitigations

     

    CVE-2019-3860
    CentOS
    CentOS 7
    1.8.0-4_ol003.el7_9.1
    libssh2
    9.1

  • CVE-2017-1000381

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2017-1000381 

    The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way.

    CVE-2017-1000381
    CentOS
    CentOS 7
    1.10.0-3_ol001.el7
    c-ares
    7.5

  • CVE-2020-27617

    NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2020-27617 

    eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol.

    CVE-2020-27617
    CentOS
    CentOS 7
    1.5.3-175_ol001.el7_9.6
    qemu-kvm
    6.5

  • CentOS 7 Migration Recommendations

    CentOS 7 becomes end-of-life on June 30, 2024. In this video, experts from OpenLogic offer CentOS 7 migration tips and guidance for planning a CentOS 7 migration.