Max CVSS 7.5 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2014-3674 7.5
Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network resources of arbitrary gears via unspecified vectors.
13-02-2023 - 00:41 13-11-2014 - 21:32
CVE-2014-3602 2.1
Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp.
13-02-2023 - 00:40 13-11-2014 - 21:32
CVE-2014-0234 7.5
The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a password of "mooo" for a Mongo account, which allows remote attackers to hijack the broker by providing this password, related to the openshift.sh script in
13-02-2023 - 00:37 12-02-2020 - 01:15
CVE-2014-0175 7.5
mcollective has a default password set at install
13-02-2023 - 00:34 13-12-2019 - 13:15
CVE-2014-0084 2.1
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly.
13-02-2023 - 00:31 21-11-2019 - 15:15
CVE-2013-0256 4.3
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.
09-09-2021 - 12:28 01-03-2013 - 05:40
CVE-2013-0269 7.5
The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers th
09-12-2017 - 02:29 13-02-2013 - 01:55
Back to Top Mark selected
Back to Top