Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_mrg
(Redhat)| Repositories |
• https://github.com/torvalds/linux
• https://github.com/mjg59/linux |
| #Vulnerabilities | 74 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2012-09-28 | CVE-2012-3459 | Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor. | Enterprise_mrg, Cumin | N/A | ||
| 2013-07-04 | CVE-2013-2164 | The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive. | Linux_kernel, Enterprise_linux, Enterprise_mrg | N/A | ||
| 2013-08-23 | CVE-2013-1909 | The Python client in Apache Qpid before 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | Qpid, Enterprise_mrg | N/A | ||
| 2013-10-09 | CVE-2013-4284 | Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted Ajax update request. | Enterprise_mrg | N/A | ||
| 2013-10-11 | CVE-2009-5136 | The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job. | Condor, Enterprise_mrg | N/A | ||
| 2013-10-11 | CVE-2013-4255 | The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job. | Condor, Enterprise_mrg | N/A | ||
| 2013-12-23 | CVE-2013-4404 | cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote authenticated users to bypass intended role restrictions and obtain sensitive information or perform privileged operations via unspecified vectors. | Enterprise_mrg | N/A | ||
| 2013-12-23 | CVE-2013-4461 | SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator." | Enterprise_mrg | N/A | ||
| 2014-06-05 | CVE-2014-3917 | kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number. | Linux_kernel, Enterprise_linux, Enterprise_mrg, Linux_enterprise_desktop | N/A | ||
| 2014-04-30 | CVE-2013-6445 | Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack. | Enterprise_mrg | N/A |