CVE-2014-0175
https://notcve.org/view.php?id=CVE-2014-0175
mcollective has a default password set at install mcollective presenta una contraseña predeterminada establecida en la instalación. • https://access.redhat.com/security/cve/cve-2014-0175 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0175 https://security-tracker.debian.org/tracker/CVE-2014-0175 • CWE-798: Use of Hard-coded Credentials •
CVE-2014-0163
https://notcve.org/view.php?id=CVE-2014-0163
Openshift has shell command injection flaws due to unsanitized data being passed into shell commands. OpenShift presenta fallos de inyección de comandos de shell debido a que los datos no saneados son pasados a los comandos de shell. • https://access.redhat.com/security/cve/cve-2014-0163 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0163 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2013-0163
https://notcve.org/view.php?id=CVE-2013-0163
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS Un cartucho haproxy de OpenShift: un /tmp predecible en el enlace de conexión set-proxy que podría facilitar una DoS. • https://access.redhat.com/security/cve/cve-2013-0163 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0163 • CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2013-2103
https://notcve.org/view.php?id=CVE-2013-2103
OpenShift cartridge allows remote URL retrieval El cartucho de OpenShift permite la recuperación remota de la URL. • https://access.redhat.com/security/cve/cve-2013-2103 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2103 • CWE-20: Improper Input Validation •
CVE-2012-6135
https://notcve.org/view.php?id=CVE-2012-6135
RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process. RubyGems passenger versión 4.0.0 betas 1 y 2, permite a atacantes remotos eliminar archivos arbitrarios durante el proceso de inicio. • http://www.openwall.com/lists/oss-security/2013/03/02/1 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6135 https://exchange.xforce.ibmcloud.com/vulnerabilities/82533 https://security-tracker.debian.org/tracker/CVE-2012-6135 https://www.securityfocus.com/bid/58259 • CWE-20: Improper Input Validation •