Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Mrg Subscriptions
Total 612 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-4446 2 Apache, Redhat 2 Qpid, Enterprise Mrg 2024-11-21 N/A
The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request.
CVE-2012-4398 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 N/A
The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application.
CVE-2012-3520 2 Linux, Redhat 2 Linux Kernel, Enterprise Mrg 2024-11-21 N/A
The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager.
CVE-2012-3511 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 N/A
Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.
CVE-2012-3493 2 Condor Project, Redhat 2 Condor, Enterprise Mrg 2024-11-21 N/A
The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId.
CVE-2012-3492 2 Condor Project, Redhat 2 Condor, Enterprise Mrg 2024-11-21 N/A
The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
CVE-2012-3491 2 Condor Project, Redhat 2 Condor, Enterprise Mrg 2024-11-21 N/A
src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.
CVE-2012-3467 2 Apache, Redhat 2 Qpid, Enterprise Mrg 2024-11-21 N/A
Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication.
CVE-2012-3460 1 Redhat 1 Enterprise Mrg 2024-11-21 9.8 Critical
cumin: At installation postgresql database user created without password
CVE-2012-3459 2 Redhat, Trevor Mckay 2 Enterprise Mrg, Cumin 2024-11-21 N/A
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor.
CVE-2012-3430 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 N/A
The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.
CVE-2012-3416 2 Condor Project, Redhat 2 Condor, Enterprise Mrg 2024-11-21 N/A
Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname.
CVE-2012-3400 3 Canonical, Linux, Redhat 4 Ubuntu Linux, Linux Kernel, Enterprise Linux and 1 more 2024-11-21 N/A
Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem.
CVE-2012-3375 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2024-11-21 N/A
The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083.
CVE-2012-2735 2 Redhat, Trevor Mckay 2 Enterprise Mrg, Cumin 2024-11-21 N/A
Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie.
CVE-2012-2734 2 Redhat, Trevor Mckay 2 Enterprise Mrg, Cumin 2024-11-21 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to hijack the authentication of arbitrary users for requests that execute commands via unspecified vectors.
CVE-2012-2685 2 Redhat, Trevor Mckay 2 Enterprise Mrg, Cumin 2024-11-21 N/A
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to cause a denial of service (memory consumption) via a large size in an image request.
CVE-2012-2684 2 Redhat, Trevor Mckay 2 Enterprise Mrg, Cumin 2024-11-21 N/A
Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.
CVE-2012-2683 2 Redhat, Trevor Mckay 2 Enterprise Mrg, Cumin 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) "error message displays" or (2) "in source HTML on certain pages."
CVE-2012-2682 1 Redhat 1 Enterprise Mrg 2024-11-21 N/A
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service (inaccessible page) via a non-ASCII character in the name of a link.