Satellite

DATE	CVE	VULNERABILITY TITLE	RISK
2017-05-23	CVE-2016-9843	The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. network low complexity zlib opensuse debian canonical oracle redhat apple netapp mariadb nodejs critical	9.8
2017-05-23	CVE-2016-9842	The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. network low complexity gnu opensuse debian canonical oracle redhat apple nodejs	8.8
2017-05-23	CVE-2016-9841	inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. network low complexity zlib opensuse debian canonical oracle redhat apple netapp nodejs critical	9.8
2017-05-23	CVE-2016-9840	inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. network low complexity zlib opensuse debian canonical oracle redhat apple nodejs	8.8
2017-04-24	CVE-2017-3544	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). network oracle redhat debian google	4.3
2017-04-24	CVE-2017-3539	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). network high complexity oracle redhat debian	2.1
2017-04-24	CVE-2017-3533	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). network oracle redhat debian	4.3
2017-04-13	CVE-2016-2104	Cross-site Scripting vulnerability in Redhat Satellite 5.7 Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the label parameter to admin/BunchDetail.do; (2) the package_name, (3) search_subscribed_channels, or (4) channel_filter parameter to software/packages/NameOverview.do; or unspecified vectors related to (5) <input:hidden> or (6) <bean:message> tags. network low complexity redhat CWE-79	6.1
2017-03-13	CVE-2017-5929	Deserialization of Untrusted Data vulnerability in multiple products QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. network low complexity qos redhat CWE-502 critical	9.8
2017-02-03	CVE-2016-10165	Out-of-bounds Read vulnerability in multiple products The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. local low complexity littlecms debian canonical opensuse redhat netapp CWE-125	7.1