Vulnerabilities > Centos

DATE CVE VULNERABILITY TITLE RISK
2022-02-18 CVE-2021-20315 Improper Locking vulnerability in multiple products
A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled.
low complexity
gnome centos CWE-667
6.1
2020-03-31 CVE-2020-5291 Improper Privilege Management vulnerability in multiple products
Bubblewrap (bwrap) before version 0.4.1, if installed in setuid mode and the kernel supports unprivileged user namespaces, then the `bwrap --userns2` option can be used to make the setuid process keep running as root while being traceable.
8.5
2017-10-05 CVE-2017-1000253 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015).
local
low complexity
redhat centos linux CWE-119
7.8
2012-02-02 CVE-2011-4144 Unspecified vulnerability in EMC Documentum Content Server 6.0, 6.5 before SP2 P02, 6.5 SP3 before SP3 P02, and 6.6 before P02 allows local users to obtain "highest super user privileges" by leveraging system administrator privileges.
local
low complexity
emc centos
6.8
2009-10-06 CVE-2009-3564 Permissions, Privileges, and Access Controls vulnerability in Reductivelabs Puppet 0.24.6
puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files.
4.7
2007-12-18 CVE-2007-6283 Information Exposure vulnerability in multiple products
Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.
local
low complexity
redhat fedoraproject oracle centos CWE-200
4.9