Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_mrg
(Redhat)| Repositories |
• https://github.com/torvalds/linux
• https://github.com/mjg59/linux |
| #Vulnerabilities | 74 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2011-09-20 | CVE-2011-2925 | Cumin in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0 records broker authentication credentials in a log file, which allows local users to bypass authentication and perform unauthorized actions on jobs and message queues via a direct connection to the broker. | Enterprise_mrg | N/A | ||
| 2012-09-28 | CVE-2012-2680 | Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via unspecified vectors related to (1) "web pages," (2) "export functionality," and (3) "image viewing." | Enterprise_mrg, Cumin | N/A | ||
| 2012-09-28 | CVE-2012-2681 | Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key. | Enterprise_mrg, Cumin | N/A | ||
| 2012-09-28 | CVE-2012-2684 | Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id. | Enterprise_mrg, Cumin | N/A | ||
| 2012-09-28 | CVE-2012-2685 | Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to cause a denial of service (memory consumption) via a large size in an image request. | Enterprise_mrg, Cumin | N/A | ||
| 2012-09-28 | CVE-2012-3459 | Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor. | Enterprise_mrg, Cumin | N/A | ||
| 2013-07-04 | CVE-2013-2164 | The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive. | Linux_kernel, Enterprise_linux, Enterprise_mrg | N/A | ||
| 2013-08-23 | CVE-2013-1909 | The Python client in Apache Qpid before 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | Qpid, Enterprise_mrg | N/A | ||
| 2013-10-09 | CVE-2013-4284 | Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted Ajax update request. | Enterprise_mrg | N/A | ||
| 2013-10-11 | CVE-2009-5136 | The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job. | Condor, Enterprise_mrg | N/A |