Vulnerabilities > Redhat > Satellite

DATE CVE VULNERABILITY TITLE RISK
2017-08-08 CVE-2017-10090 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
network
low complexity
oracle debian netapp redhat
critical
9.6
2017-08-08 CVE-2017-10089 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO).
network
low complexity
oracle debian redhat netapp
critical
9.6
2017-08-08 CVE-2017-10087 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
network
low complexity
oracle debian redhat netapp
critical
9.6
2017-08-08 CVE-2017-10078 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting).
network
low complexity
oracle debian redhat phoenixcontact netapp
8.1
2017-08-08 CVE-2017-10067 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle debian redhat netapp
7.5
2017-08-08 CVE-2017-10053 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D).
network
low complexity
oracle debian redhat netapp phoenixcontact
5.3
2017-07-17 CVE-2016-4996 Credentials Management vulnerability in Redhat Satellite 6.3
discovery-debug in Foreman before 6.2 when the ssh service has been enabled on discovered nodes displays the root password in plaintext in the system journal when used to log in, which allows local users with access to the system journal to obtain the root password by reading the system journal, or by clicking Logs on the console.
local
high complexity
redhat CWE-255
7.0
2017-05-23 CVE-2016-9843 The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
network
low complexity
zlib opensuse debian canonical oracle redhat apple netapp mariadb nodejs
critical
9.8
2017-05-23 CVE-2016-9842 The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. 8.8
2017-05-23 CVE-2016-9841 inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
network
low complexity
zlib opensuse debian canonical oracle redhat apple netapp nodejs
critical
9.8