Every CVE whose affected-product data names Condor Project Condor, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2012-3416 — CVSS 10.0 (critical): Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or…
CVE-2012-5390 — CVSS 10.0 (critical): The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly…
CVE-2012-5197 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to…
CVE-2012-5196 — CVSS 10.0 (critical): Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors.
CVE-2008-3424 — CVSS 7.5 (high): Condor before 7.0.4 does not properly handle wildcards in the ALLOW_WRITE, DENY_WRITE, HOSTALLOW_WRITE, or HOSTDENY_WRITE configuration…
CVE-2008-3830 — CVSS 7.2 (high): Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the…
CVE-2009-4133 — CVSS 6.5 (medium): Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated…
CVE-2012-3492 — CVSS 6.4 (medium): The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication…
CVE-2012-3493 — CVSS 5.8 (medium): The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote…
CVE-2008-3829 — CVSS 5.0 (medium): Unspecified vulnerability in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) via…
CVE-2008-3828 — CVSS 4.6 (medium): Stack-based buffer overflow in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) and…
CVE-2008-3826 — CVSS 4.6 (medium): Unspecified vulnerability in Condor before 7.0.5 allows attackers to execute jobs as other users via unknown vectors.
CVE-2011-4930 — CVSS 4.4 (medium): Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and…
CVE-2012-4462 — CVSS 4.3 (medium): aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of…
CVE-2012-3491 — CVSS 4.0 (medium): src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which…
CVE-2009-5136 — CVSS 4.0 (medium): The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an…
CVE-2013-4255 — CVSS 3.5 (low): The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3)…