A command injection vulnerability in GPFS / Spectrum Scale allows attackers to escalate privileges to root
The VX binary on SGI ICE-X supercomputers can be used to escalate privileges to root.
It is possible for users of ICE-X supercomputers to gain access to backups of system configuration databases.
It is possible to bypass authentication within Moab in order to impersonate and run commands/operations as arbitrary users. The issue is believed to affect all versions of Moab prior to versions 7.2.9 and Moab 8.
Moab provides two methods to authenticate messages sent by users (e.g. job submissions). The default scheme which is widely used is insecure and can be circumvented in order to impersonate other users and perform operations on their behalf.
A buffer overflow exists in older versions of TORQUE which can be exploited in order to remotely execute code from an unauthenticated perspective. This issue is exploitable in all versions of the 2.5 branch, up to and including 2.5.13.