Vulnerabilities > Redhat > Satellite > 5.7

DATE CVE VULNERABILITY TITLE RISK
2018-08-20 CVE-2018-1656 Path Traversal vulnerability in multiple products
The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0 , 7.0, and 8.0) does not protect against path traversal attacks when extracting compressed dump files.
network
low complexity
ibm redhat oracle CWE-22
6.5
2018-08-20 CVE-2018-1517 Improper Input Validation vulnerability in multiple products
A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data.
network
low complexity
ibm redhat CWE-20
7.5
2018-08-09 CVE-2018-10931 It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC.
network
low complexity
cobbler-project redhat
critical
9.8
2018-07-30 CVE-2017-7514 Unspecified vulnerability in Redhat Satellite
A cross-site scripting (XSS) flaw was found in how the failed action entry is processed in Red Hat Satellite before version 5.8.0.
network
low complexity
redhat
5.4
2018-07-27 CVE-2017-7470 Unspecified vulnerability in Redhat Satellite and Spacewalk
It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect authorization check in backend/server/rhnChannel.py.
network
low complexity
redhat
critical
9.8
2018-07-26 CVE-2017-12175 Unspecified vulnerability in Redhat Satellite
Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule when you are entering filter and you use autocomplete functionality.
network
low complexity
redhat
5.4
2018-07-26 CVE-2017-7538 Cross-site Scripting vulnerability in Redhat Satellite
A cross-site scripting (XSS) flaw was found in how an organization name is displayed in Satellite 5, before 5.8.
network
low complexity
redhat CWE-79
5.4
2018-07-18 CVE-2018-2973 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE).
network
high complexity
oracle redhat netapp hp
5.9
2018-07-18 CVE-2018-2952 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency).
network
high complexity
oracle debian canonical hp redhat netapp
3.7
2018-07-18 CVE-2018-2940 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
network
low complexity
oracle hp redhat netapp
4.3