| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-2119 | 4.6 |
Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tm
|
13-02-2023 - 04:42 | 03-01-2014 - 18:54 | |
| CVE-2014-3674 | 7.5 |
Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network resources of arbitrary gears via unspecified vectors.
|
13-02-2023 - 00:41 | 13-11-2014 - 21:32 | |
| CVE-2014-3602 | 2.1 |
Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp.
|
13-02-2023 - 00:40 | 13-11-2014 - 21:32 | |
| CVE-2014-0234 | 7.5 |
The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a password of "mooo" for a Mongo account, which allows remote attackers to hijack the broker by providing this password, related to the openshift.sh script in
|
13-02-2023 - 00:37 | 12-02-2020 - 01:15 | |
| CVE-2014-0175 | 7.5 |
mcollective has a default password set at install
|
13-02-2023 - 00:34 | 13-12-2019 - 13:15 | |
| CVE-2014-0084 | 2.1 |
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly.
|
13-02-2023 - 00:31 | 21-11-2019 - 15:15 | |
| CVE-2013-4136 | 4.4 |
ext/common/ServerInstanceDir.h in Phusion Passenger gem before 4.0.6 for Ruby allows local users to gain privileges or possibly change the ownership of arbitrary directories via a symlink attack on a directory with a predictable name in /tmp/.
|
10-10-2013 - 19:09 | 30-09-2013 - 21:55 |