Satellite

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-08	CVE-2017-10078	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). network low complexity oracle debian redhat phoenixcontact netapp	5.5
2017-08-08	CVE-2017-10067	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). network high complexity oracle debian redhat netapp	5.1
2017-08-08	CVE-2017-10053	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). network low complexity oracle debian redhat netapp phoenixcontact	5.0
2017-07-17	CVE-2016-4996	Credentials Management vulnerability in Redhat Satellite 6.3 discovery-debug in Foreman before 6.2 when the ssh service has been enabled on discovered nodes displays the root password in plaintext in the system journal when used to log in, which allows local users with access to the system journal to obtain the root password by reading the system journal, or by clicking Logs on the console. local high complexity redhat CWE-255	7.0
2017-06-06	CVE-2014-8180	Improper Authentication vulnerability in Mongodb MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service. local low complexity mongodb redhat CWE-287	2.1
2017-05-23	CVE-2016-9843	The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. network low complexity zlib opensuse debian canonical oracle redhat apple netapp mariadb nodejs critical	9.8
2017-05-23	CVE-2016-9842	The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. network low complexity zlib opensuse debian canonical oracle redhat apple nodejs	8.8
2017-05-23	CVE-2016-9841	inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. network low complexity zlib opensuse debian canonical oracle redhat apple netapp nodejs critical	9.8
2017-05-23	CVE-2016-9840	inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. network low complexity zlib opensuse debian canonical oracle redhat apple nodejs	8.8
2017-04-24	CVE-2017-3544	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). network oracle redhat debian google	4.3