Page 3 of 56 results (0.007 seconds)

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

mcollective has a default password set at install mcollective presenta una contraseña predeterminada establecida en la instalación. • https://access.redhat.com/security/cve/cve-2014-0175 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0175 https://security-tracker.debian.org/tracker/CVE-2014-0175 • CWE-798: Use of Hard-coded Credentials •

CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0

Openshift has shell command injection flaws due to unsanitized data being passed into shell commands. OpenShift presenta fallos de inyección de comandos de shell debido a que los datos no saneados son pasados a los comandos de shell. • https://access.redhat.com/security/cve/cve-2014-0163 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0163 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS Un cartucho haproxy de OpenShift: un /tmp predecible en el enlace de conexión set-proxy que podría facilitar una DoS. • https://access.redhat.com/security/cve/cve-2013-0163 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0163 • CWE-668: Exposure of Resource to Wrong Sphere •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

OpenShift cartridge allows remote URL retrieval El cartucho de OpenShift permite la recuperación remota de la URL. • https://access.redhat.com/security/cve/cve-2013-2103 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2103 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process. RubyGems passenger versión 4.0.0 betas 1 y 2, permite a atacantes remotos eliminar archivos arbitrarios durante el proceso de inicio. • http://www.openwall.com/lists/oss-security/2013/03/02/1 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6135 https://exchange.xforce.ibmcloud.com/vulnerabilities/82533 https://security-tracker.debian.org/tracker/CVE-2012-6135 https://www.securityfocus.com/bid/58259 • CWE-20: Improper Input Validation •