Vulnerabilities > Redhat > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-08-28 CVE-2014-0141 Cross-site Scripting vulnerability in Redhat Satellite 6.0.3
Cross-site scripting (XSS) vulnerability in Red Hat Satellite 6.0.3.
network
low complexity
redhat CWE-79
6.1
6.1
2017-08-24 CVE-2015-5293 Improper Access Control vulnerability in Redhat Enterprise Virtualization Manager
Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote attackers to communicate with a system designated to be unreachable.
network
high complexity
redhat CWE-284
5.9
5.9
2017-08-22 CVE-2016-6311 Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform 7.0
Get requests in JBoss Enterprise Application Platform (EAP) 7 disclose internal IP addresses to remote attackers.
network
low complexity
redhat CWE-200
5.3
5.3
2017-08-22 CVE-2016-6310 Information Exposure vulnerability in Redhat Enterprise Virtualization
oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0.
local
low complexity
redhat CWE-200
5.5
5.5
2017-08-10 CVE-2016-6794 When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager.
network
low complexity
apache debian redhat netapp canonical oracle
5.3
5.3
2017-08-10 CVE-2016-0762 Information Exposure Through Discrepancy vulnerability in multiple products
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist.
network
high complexity
apache canonical debian redhat netapp oracle CWE-203
5.9
5.9
2017-08-08 CVE-2017-3651 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump).
network
low complexity
oracle mariadb debian redhat
4.3
4.3
2017-08-08 CVE-2017-3641 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle debian redhat mariadb
4.9
4.9
2017-08-08 CVE-2017-3636 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs).
local
low complexity
oracle debian redhat mariadb
5.3
5.3
2017-08-08 CVE-2017-10243 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS).
network
low complexity
oracle debian netapp redhat
6.5
6.5