Lucene search
K

160 matches found

CVE
CVE
added 2012/09/28 5:0 p.m.61 views

CVE-2012-2685

CVE-2012-2685 details (MODE C): In Cumin, components used in Red Hat Enterprise Messaging/Realtime/Grid (MRG) 2.0, versions prior to 0.1.5444 allow remote authenticated users to cause a denial of service by requesting images of a large size, triggering memory consumption on the Cumin server. The ...

4CVSS6.2AI score0.02156EPSS
Exploits1References6Affected Software2
CVE
CVE
added 2012/09/28 5:0 p.m.70 views

CVE-2012-2681

CVE-2012-2681 affects Cumin before 0.1.5444 used in Red Hat Enterprise Messaging/Realtime/Grid (MRG) 2.0. It uses predictable random numbers to generate session keys, making it easier for remote attackers to guess the session key. Connected advisories indicate Red Hat security updates for the Gri...

5.8CVSS6.6AI score0.02203EPSS
Exploits1References6Affected Software2
CVE
CVE
added 2012/09/28 5:0 p.m.69 views

CVE-2012-3459

CVE-2012-3459 affects Cumin (as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0). The vulnerability arises when remote authenticated users send crafted additional parameters in an HTTP POST, triggering a Condor job attribute change request and potentially enabling privilege esc...

4.9CVSS6.5AI score0.01571EPSS
Exploits0References6Affected Software2
Cvelist
Cvelist
added 2012/09/28 5:0 p.m.23 views

CVE-2012-3459

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor...

6.4AI score0.01571EPSS
Exploits0References6
Cvelist
Cvelist
added 2012/09/28 5:0 p.m.27 views

CVE-2012-2685

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, allows remote authenticated users to cause a denial of service memory consumption via a large size in an image request...

6.1AI score0.02156EPSS
Exploits1References6
Cvelist
Cvelist
added 2012/09/28 5:0 p.m.33 views

CVE-2012-2735

Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, allows remote attackers to hijack web sessions via a crafted session cookie...

6.4AI score0.01571EPSS
Exploits0References6
CVE
CVE
added 2012/09/28 5:0 p.m.63 views

CVE-2012-2683

CVE-2012-2683 corresponds to multiple cross-site scripting vulnerabilities in Cumin used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.x. Affected component: Cumin web interface; root cause: XSS in error message displays and in source HTML on certain pages. Impact: remote attackers ...

4.3CVSS5.5AI score0.02083EPSS
Exploits0References8Affected Software2
Positive Technologies
Positive Technologies
added 2012/09/28 12:0 a.m.6 views

PT-2012-4224 · Red Hat · Cumin +1

Name of the Vulnerable Software and Affected Versions: Cumin versions prior to 0.1.5444 Red Hat Enterprise Messaging, Realtime, and Grid MRG version 2.0 Description: A session fixation issue allows remote attackers to hijack web sessions via a crafted session cookie. Recommendations: For Cumin...

4.9CVSS6.4AI score0.01571EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2012/09/28 12:0 a.m.6 views

PT-2012-4223 · Red Hat · Cumin +1

Name of the Vulnerable Software and Affected Versions: Cumin versions prior to 0.1.5444 Red Hat Enterprise Messaging, Realtime, and Grid MRG version 2.0 Description: The issue allows remote attackers to hijack the authentication of arbitrary users for requests that execute commands...

6.8CVSS7.2AI score0.00917EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2012/09/28 12:0 a.m.4 views

PT-2012-4179 · Red Hat · Cumin +1

Name of the Vulnerable Software and Affected Versions: Cumin versions prior to 0.1.5444 Red Hat Enterprise Messaging, Realtime, and Grid MRG version 2.0 Description: The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to error message displays ...

4.3CVSS6AI score0.02083EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2012/09/19 5:41 p.m.5 views

cumin: allows for editing internal Condor job attributes

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor...

4.9CVSS5.9AI score0.01571EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/09/19 5:41 p.m.10 views

cumin: CSRF flaw

Multiple cross-site request forgery CSRF vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, allow remote attackers to hijack the authentication of arbitrary users for requests that execute commands via unspecified vectors...

6.8CVSS6AI score0.00917EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/09/19 5:41 p.m.4 views

cumin: DoS via large image requests

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, allows remote authenticated users to cause a denial of service memory consumption via a large size in an image request...

4CVSS5.8AI score0.02156EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/09/19 5:41 p.m.5 views

cumin: SQL injection flaw

Multiple SQL injection vulnerabilities in the getsamplefiltersbysignature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, allow remote attackers to execute arbitrary SQL commands via the 1 agent or 2 object id...

7.5CVSS6.2AI score0.02125EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/09/19 5:41 p.m.6 views

cumin: weak session keys

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key...

5.8CVSS5.8AI score0.02203EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/09/19 5:41 p.m.9 views

cumin: session fixation flaw

Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, allows remote attackers to hijack web sessions via a crafted session cookie...

4.9CVSS5.9AI score0.01571EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/09/19 5:41 p.m.5 views

cumin: authentication bypass flaws

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via unspecified vectors related to 1 "web pages," 2 "export functionality," and 3 "image viewin...

5CVSS5.9AI score0.02339EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/09/19 5:41 p.m.6 views

cumin: multiple XSS flaws

Multiple cross-site scripting XSS vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to 1 "error message displays" or 2 "in source HTML on...

4.3CVSS5.8AI score0.02083EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/09/19 5:41 p.m.47 views

Moderate: Red Hat Security Advisory: Red Hat Enterprise MRG Grid 2.2 security update

Updated Grid component packages that fix several security issues, add various enhancements and fix multiple bugs are now available for Red Hat Enterprise MRG 2 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common...

7.5CVSS5.9AI score0.03184EPSS
Exploits4References15
RedHat Linux
RedHat Linux
added 2012/09/19 5:33 p.m.7 views

cumin: DoS via large image requests

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, allows remote authenticated users to cause a denial of service memory consumption via a large size in an image request...

4CVSS5.8AI score0.02156EPSS
Exploits1References4
Rows per page
Query Builder