Enterprise Mrg@2.0 Security Vulnerabilities and Issues — Enterprise Mrg@2.0 CVE List

Lucene search

RedhatEnterprise Mrg2.0

11 matches found

CVE•added 2012/05/24 11:55 p.m.•101 views

CVE-2011-2699

The IPv6 implementation in the Linux kernel before 3.1 does not generate Fragment Identification values separately for each destination, which makes it easier for remote attackers to cause a denial of service (disrupted networking) by predicting these values and sending crafted packets.

7.8CVSS7.8AI score0.00752EPSS

CVE•added 2012/05/17 11:0 a.m.•98 views

CVE-2012-1097

The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a (1) PTRACE_GETREGSET or (2) PTRACE_...

7.8CVSS7.7AI score0.00122EPSS

CVE•added 2012/05/17 11:0 a.m.•88 views

CVE-2012-1090

The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.

5.5CVSS5.8AI score0.00061EPSS

CVE•added 2012/09/28 5:55 p.m.•52 views

CVE-2012-2735

Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie.

4.9CVSS6.5AI score0.0039EPSS

CVE•added 2012/09/28 5:55 p.m.•49 views

CVE-2012-3459

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor...

4.9CVSS6.5AI score0.00423EPSS

CVE•added 2012/09/28 5:55 p.m.•48 views

CVE-2012-2681

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key.

5.8CVSS6.6AI score0.00651EPSS

CVE•added 2012/09/28 5:55 p.m.•47 views

CVE-2012-2734

Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to hijack the authentication of arbitrary users for requests that execute commands via unspecified vectors.

6.8CVSS7.7AI score0.00196EPSS

CVE•added 2012/09/28 5:55 p.m.•44 views

CVE-2012-2683

Multiple cross-site scripting (XSS) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) "error message displays" or (2) "in source HTML o...

4.3CVSS5.5AI score0.00467EPSS

CVE•added 2012/09/28 5:55 p.m.•43 views

CVE-2012-2680

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via unspecified vectors related to (1) "web pages," (2) "export functionality," and (3) "image ...

5CVSS6AI score0.006EPSS

CVE•added 2012/09/28 5:55 p.m.•43 views

CVE-2012-2685

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to cause a denial of service (memory consumption) via a large size in an image request.

4CVSS6.2AI score0.01178EPSS

CVE•added 2012/09/28 5:55 p.m.•42 views

CVE-2012-2684

Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.

7.5CVSS8.4AI score0.00605EPSS