Product:

Enterprise_mrg

(Redhat)
Repositories https://github.com/torvalds/linux
https://github.com/mjg59/linux
#Vulnerabilities 74
Date Id Summary Products Score Patch Annotated
2013-10-11 CVE-2013-4255 The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job. Condor, Enterprise_mrg N/A
2013-12-23 CVE-2013-4404 cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote authenticated users to bypass intended role restrictions and obtain sensitive information or perform privileged operations via unspecified vectors. Enterprise_mrg N/A
2013-12-23 CVE-2013-4461 SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator." Enterprise_mrg N/A
2014-06-05 CVE-2014-3917 kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number. Linux_kernel, Enterprise_linux, Enterprise_mrg, Linux_enterprise_desktop N/A
2014-04-30 CVE-2013-6445 Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack. Enterprise_mrg N/A
2014-06-05 CVE-2014-3940 The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c. Linux_kernel, Enterprise_linux, Enterprise_mrg N/A
2014-07-11 CVE-2014-0174 Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. Enterprise_mrg N/A
2014-07-19 CVE-2012-2682 Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service (inaccessible page) via a non-ASCII character in the name of a link. Enterprise_mrg N/A
2017-09-19 CVE-2015-7837 The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot. Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server_aus, Enterprise_linux_workstation, Enterprise_mrg, Kernel\-Rt 5.5
2019-11-05 CVE-2013-6460 Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents Debian_linux, Nokogiri, Cloudforms_management_engine, Enterprise_mrg, Openstack, Satellite, Subscription_asset_manager 6.5