Enterprise Mrg Security Vulnerabilities and Issues — Enterprise Mrg CVE List

Lucene search

RedhatEnterprise Mrg

17 matches found

CVE•added 2017/09/14 4:29 p.m.•229 views

CVE-2015-7553

Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets.

4.7CVSS5.1AI score0.00036EPSS

CVE•added 2013/02/28 7:55 p.m.•102 views

CVE-2013-1774

The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter.

4CVSS5.8AI score0.00086EPSS

CVE•added 2013/04/29 2:55 p.m.•91 views

CVE-2013-2015

The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service (system hang) via a crafted filesystem on removable media, as demonstra...

4.7CVSS4.5AI score0.00092EPSS

CVE•added 2014/06/05 5:55 p.m.•88 views

CVE-2014-3940

The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations d...

4CVSS6.1AI score0.00041EPSS

CVE•added 2013/03/14 3:10 a.m.•55 views

CVE-2012-4462

aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option.

4.3CVSS6.6AI score0.00686EPSS

CVE•added 2014/02/10 6:15 p.m.•53 views

CVE-2011-4930

Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code vi...

4.4CVSS7.5AI score0.00098EPSS

CVE•added 2011/09/20 5:55 a.m.•52 views

CVE-2011-2925

Cumin in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0 records broker authentication credentials in a log file, which allows local users to bypass authentication and perform unauthorized actions on jobs and message queues via a direct connection to the broker.

4.6CVSS6.5AI score0.00055EPSS

CVE•added 2012/09/28 5:55 p.m.•52 views

CVE-2012-2735

Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie.

4.9CVSS6.5AI score0.0039EPSS

CVE•added 2012/09/28 5:55 p.m.•49 views

CVE-2012-3459

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor...

4.9CVSS6.5AI score0.00423EPSS

CVE•added 2010/10/12 9:0 p.m.•47 views

CVE-2010-3083

sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat Enterprise MRG before 1.2.2 and other products, when SSL is enabled, allows remote attackers to cause a denial of service (daemon outage) by connecting to the SSL port but not participating in an SSL handshake.

4.3CVSS6.8AI score0.01785EPSS

CVE•added 2013/12/23 10:55 p.m.•45 views

CVE-2013-4414

Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form.

4.3CVSS5.8AI score0.00296EPSS

CVE•added 2012/09/28 5:55 p.m.•44 views

CVE-2012-2683

Multiple cross-site scripting (XSS) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) "error message displays" or (2) "in source HTML o...

4.3CVSS5.5AI score0.00467EPSS

CVE•added 2012/09/28 5:55 p.m.•43 views

CVE-2012-2685

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to cause a denial of service (memory consumption) via a large size in an image request.

4CVSS6.2AI score0.01178EPSS

CVE•added 2010/10/18 5:0 p.m.•42 views

CVE-2009-5006

The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to cause a denial of service (NULL pointer derefere...

4CVSS6.4AI score0.00469EPSS

CVE•added 2013/10/11 10:55 p.m.•42 views

CVE-2009-5136

The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.

4CVSS6.3AI score0.00625EPSS

CVE•added 2010/10/12 9:0 p.m.•40 views

CVE-2010-3701

lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows remote authenticated users to cause a denial of service (stack memory exhaustion and broker crash) via a large persistent message.

4CVSS6.4AI score0.00625EPSS

CVE•added 2014/07/11 2:55 p.m.•37 views

CVE-2014-0174

Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

4.3CVSS6.2AI score0.00236EPSS