Cumin

cumin

Vendor: Trevor Mckay • 9 CVEs

CVEs (9)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-3459 2Redhat Trevor Mckay 2Cumin Enterprise Mrg Apr 29, 2026 Sep 28, 2012 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters i...Show more Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor.Show less
CVE-2012-2735 2Redhat Trevor Mckay 2Cumin Enterprise Mrg Apr 29, 2026 Sep 28, 2012 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie.
CVE-2012-2734 2Redhat Trevor Mckay 2Cumin Enterprise Mrg Apr 29, 2026 Sep 28, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to hijack the authentication of arbitrary...Show more Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to hijack the authentication of arbitrary users for requests that execute commands via unspecified vectors.Show less
CVE-2012-2685 2Redhat Trevor Mckay 2Cumin Enterprise Mrg Apr 29, 2026 Sep 28, 2012 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to cause a denial of service (memory consumption) via a large size in an image request.
CVE-2012-2684 2Redhat Trevor Mckay 2Cumin Enterprise Mrg Apr 29, 2026 Sep 28, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute ar...Show more Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.Show less
CVE-2012-2683 2Redhat Trevor Mckay 2Cumin Enterprise Mrg Apr 29, 2026 Sep 28, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to inject arbitrary web script or HTML via unspe...Show more Multiple cross-site scripting (XSS) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) "error message displays" or (2) "in source HTML on certain pages."Show less
CVE-2012-2681 2Redhat Trevor Mckay 2Cumin Enterprise Mrg Apr 29, 2026 Sep 28, 2012 N/A· v4 N/A· v3 5.8 MEDIUM· v2 Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key.
CVE-2012-2680 2Redhat Trevor Mckay 2Cumin Enterprise Mrg Apr 29, 2026 Sep 28, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via unspecified...Show more Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via unspecified vectors related to (1) "web pages," (2) "export functionality," and (3) "image viewing."Show less
CVE-2012-1575 1Trevor Mckay 1Cumin Apr 29, 2026 Apr 22, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in Cumin before r5238 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) widgets or (2) pages.