Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enterprise mrg vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-3467
Apache QPID 0.14, 0.16, and previous versions uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote malicious users to bypass authentication.
Apache Qpid
Apache Qpid 0.6
Apache Qpid 0.14
Apache Qpid 0.5
NA
CVE-2011-3620
Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which allows remote malicious users to obtain access to the messaging functionality and job functionality of a cluster by leveraging knowledge of a cluster-username.
Apache Qpid 0.12
NA
CVE-2012-1575
Multiple cross-site scripting (XSS) vulnerabilities in Cumin before r5238 allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) widgets or (2) pages.
Trevor Mckay Cumin
NA
CVE-2011-2925
Cumin in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0 records broker authentication credentials in a log file, which allows local users to bypass authentication and perform unauthorized actions on jobs and message queues via a direct connection to the broker.
Redhat Enterprise Mrg 2.0
NA
CVE-2010-4526
Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 up to and including 2.6.33 allows remote malicious users to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, wh...
Linux Linux Kernel 2.6.11
Linux Linux Kernel
Redhat Enterprise Mrg 1.0
Vmware Esx 4.1
Vmware Esx 4.0
NA
CVE-2010-4179
The installation documentation for Red Hat Enterprise Messaging, Realtime and Grid (MRG) 1.3 recommends that Condor should be configured so that the MRG Management Console (cumin) can submit jobs for users, which creates a trusted channel with insufficient access control that all...
Redhat Enterprise Mrg 1.3
NA
CVE-2009-5005
The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache Qpid, as used in Red Hat Enterprise MRG prior to 1.3 and other products, allows remote malicious users to cause a denial of service (daemon crash and cluster outage) via invalid AMQP data.
Apache Qpid
Redhat Enterprise Mrg 1.0.2
Redhat Enterprise Mrg 1.1.2
Redhat Enterprise Mrg 1.0.3
Redhat Enterprise Mrg 1.1.1
Redhat Enterprise Mrg 1.0
Redhat Enterprise Mrg 1.2
Redhat Enterprise Mrg
Redhat Enterprise Mrg 1.0.1
NA
CVE-2009-5006
The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid prior to 0.6, as used in Red Hat Enterprise MRG prior to 1.3 and other products, allows remote authenticated users to cause a denial of service...
Apache Qpid
Redhat Enterprise Mrg 1.2
Redhat Enterprise Mrg 1.0.2
Redhat Enterprise Mrg 1.1.2
Redhat Enterprise Mrg 1.0.3
Redhat Enterprise Mrg 1.0
Redhat Enterprise Mrg
Redhat Enterprise Mrg 1.0.1
Redhat Enterprise Mrg 1.1.1
NA
CVE-2010-3701
lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG prior to 1.2.2 allows remote authenticated users to cause a denial of service (stack memory exhaustion and broker crash) via a large persistent message.
Redhat Enterprise Mrg 1.0
Redhat Enterprise Mrg 1.0.3
Redhat Enterprise Mrg 1.0.1
Redhat Enterprise Mrg
Redhat Enterprise Mrg 1.1.1
Redhat Enterprise Mrg 1.1.2
Redhat Enterprise Mrg 1.0.2
NA
CVE-2010-3083
sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat Enterprise MRG prior to 1.2.2 and other products, when SSL is enabled, allows remote malicious users to cause a denial of service (daemon outage) by connecting to the SSL port but not participating in an SSL handsh...
Apache Qpid 0.6
Apache Qpid 0.5
Redhat Enterprise Mrg
Redhat Enterprise Mrg 1.1.2
Redhat Enterprise Mrg 1.0.3
Redhat Enterprise Mrg 1.1.1
Redhat Enterprise Mrg 1.0.2
Redhat Enterprise Mrg 1.0.1
Redhat Enterprise Mrg 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7