Vulnerabilities > Redhat > Satellite
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-27 | CVE-2017-7470 | Unspecified vulnerability in Redhat Satellite and Spacewalk It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect authorization check in backend/server/rhnChannel.py. | 9.8 |
| 2018-07-26 | CVE-2017-12175 | Unspecified vulnerability in Redhat Satellite Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule when you are entering filter and you use autocomplete functionality. | 5.4 |
| 2018-07-26 | CVE-2017-7538 | Cross-site Scripting vulnerability in Redhat Satellite A cross-site scripting (XSS) flaw was found in how an organization name is displayed in Satellite 5, before 5.8. | 5.4 |
| 2018-07-18 | CVE-2018-2973 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE). | 5.9 |
| 2018-07-18 | CVE-2018-2952 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). | 3.7 |
| 2018-07-18 | CVE-2018-2940 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). | 4.3 |
| 2018-06-21 | CVE-2017-2672 | Improper Privilege Management vulnerability in multiple products A flaw was found in foreman before version 1.15 in the logging of adding and registering images. | 8.8 |
| 2018-06-18 | CVE-2018-1090 | Information Exposure vulnerability in multiple products In Pulp before version 2.16.2, secrets are passed into override_config when triggering a task and then become readable to all users with read access on the distributor/importer. | 7.5 |
| 2018-06-01 | CVE-2016-1000338 | Improper Verification of Cryptographic Signature vulnerability in multiple products In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. | 7.5 |
| 2018-05-16 | CVE-2018-11212 | Divide By Zero vulnerability in multiple products An issue was discovered in libjpeg 9a and 9d. | 6.5 |