13 matches found

Tenable Nessus
added 2014/07/22 12:0 a.m. | 48 views

RHEL 6 : kernel-rt (RHSA-2012:0010)

The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0010 advisory. The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A...

CVSS 9.1 | AI score 6.6 | EPSS 0.05689
Exploits: 8 | References: 30

Prion
added 2012/09/28 5:55 p.m. | 21 views

Cross-site request forgery (CSRF)

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor...

CVSS 4.9 | AI score 6.9 | EPSS 0.01571
Exploits: 0 | References: 6 | Affected Software: 2

Prion
added 2012/09/28 5:55 p.m. | 24 views

Design/Logic Flaw

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key...

CVSS 5.8 | AI score 7 | EPSS 0.02203
Exploits: 1 | References: 6 | Affected Software: 2

Prion
added 2012/09/28 5:55 p.m. | 19 views

SQL injection

Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id...

CVSS 7.5 | AI score 9.1 | EPSS 0.02125
Exploits: 0 | References: 7 | Affected Software: 2

Prion
added 2012/09/28 5:55 p.m. | 25 views

Cross-site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) "error message displays" or (2) "in source HTML on...

CVSS 4.3 | AI score 6 | EPSS 0.02083
Exploits: 0 | References: 8 | Affected Software: 2

Prion
added 2012/09/28 5:55 p.m. | 26 views

Information disclosure

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via unspecified vectors related to (1) "web pages," (2) "export functionality," and (3) "image viewin...

CVSS 5 | AI score 6.5 | EPSS 0.02339
Exploits: 1 | References: 6 | Affected Software: 2

Cvelist
added 2012/09/28 5:0 p.m. | 32 views

CVE-2012-2735

Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie...

AI score 6.4 | EPSS 0.01571
Exploits: 0 | References: 6

CVE
added 2012/09/28 5:0 p.m. | 58 views

CVE-2012-2684

CVE-2012-2684 affects Cumin (the MRG web console) used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0. The vulnerability is a SQL injection in the get_sample_filters_by_signature function, exploitable remotely via the (1) agent or (2) object id, as described in the CVE entry. Root ...

CVSS 7.5 | AI score 8.4 | EPSS 0.02125
Exploits: 0 | References: 7 | Affected Software: 2

CVE
added 2012/09/28 5:0 p.m. | 65 views

CVE-2012-2734

CVE-2012-2734 affects Cumin in Red Hat MRG Grid/Messaging stack (MRG 2.0). The vulnerability is a Cross-Site Request Forgery that lets an attacker hijack the authenticated user’s session and cause commands to be executed via unspecified vectors. Affected component: Cumin before 0.1.5444. Impact: ...

CVSS 6.8 | AI score 7.7 | EPSS 0.00917
Exploits: 1 | References: 6 | Affected Software: 2

CVE
added 2012/09/28 5:0 p.m. | 61 views

CVE-2012-2685

CVE-2012-2685 details: In Cumin, components used in Red Hat Enterprise Messaging/Realtime/Grid (MRG) 2.0, versions prior to 0.1.5444 allow remote authenticated users to cause a denial of service by requesting images of a large size, triggering memory consumption on the Cumin server. The ...

CVSS 4 | AI score 6.2 | EPSS 0.02156
Exploits: 1 | References: 6 | Affected Software: 2

CVE
added 2012/09/28 5:0 p.m. | 65 views

CVE-2012-3459

CVE-2012-3459 affects Cumin (as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0). The vulnerability arises when remote authenticated users send crafted additional parameters in an HTTP POST, triggering a Condor job attribute change request and potentially enabling privilege esc...

CVSS 4.9 | AI score 6.5 | EPSS 0.01571
Exploits: 0 | References: 6 | Affected Software: 2

CVE
added 2012/09/28 5:0 p.m. | 62 views

CVE-2012-2683

CVE-2012-2683 corresponds to multiple cross-site scripting vulnerabilities in Cumin used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.x. Affected component: Cumin web interface; root cause: XSS in error message displays and in source HTML on certain pages. Impact: remote attackers ...

CVSS 4.3 | AI score 5.5 | EPSS 0.02083
Exploits: 0 | References: 8 | Affected Software: 2

Cvelist
added 2011/09/19 3:0 p.m. | 36 views

CVE-2011-2925

Cumin in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0 records broker authentication credentials in a log file, which allows local users to bypass authentication and perform unauthorized actions on jobs and message queues via a direct connection to the broker...

AI score 6.4 | EPSS 0.00391
Exploits: 0 | References: 9