Vulnerabilities > Redhat > Enterprise MRG > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-09-14 | CVE-2015-7553 | Race Condition vulnerability in Redhat Enterprise Linux, Enterprise MRG and Kernel-Rt: Race condition in the kernel in Red Hat Enterprise Linux 7, kernel-rt and Red Hat Enterprise MRG 2, when the nfnetlink_log module is loaded, allows local users to cause a denial of service (panic) by creating netlink sockets. | 4.7 |
2016-06-27 | CVE-2016-4470 | The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command. | 5.5 |
2014-07-19 | CVE-2012-2682 | Improper Input Validation vulnerability in Redhat Enterprise MRG 2.5: Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service (inaccessible page) via a non-ASCII character in the name of a link. | 5.0 |
2014-07-11 | CVE-2014-0174 | Information Exposure vulnerability in Redhat Enterprise MRG 2.5: Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. | 4.3 |
2014-06-05 | CVE-2014-3940 | Race Condition vulnerability in multiple products: The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing certain memory locations, as demonstrated by triggering a race condition via numa_maps read operations during hugepage migration, related to fs/proc/task_mmu.c and mm/mempolicy.c. | 4.0 |
2014-04-30 | CVE-2013-6445 | Cryptographic Issues vulnerability in Redhat Enterprise MRG 2.5: Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack. | 5.0 |
2013-12-23 | CVE-2013-4404 | Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise MRG 2.4: cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote authenticated users to bypass intended role restrictions and obtain sensitive information or perform privileged operations via unspecified vectors. | 6.5 |
2013-10-11 | CVE-2009-5136 | Improper Input Validation vulnerability in multiple products: The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job. | 4.0 |
2013-10-09 | CVE-2013-4284 | Resource Management Errors vulnerability in Redhat Enterprise MRG 2.4: Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted Ajax update request. | 5.0 |
2013-08-23 | CVE-2013-1909 | Improper Input Validation vulnerability in multiple products: The Python client in Apache Qpid before 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 5.8 |