Vulnerabilities > Redhat > Satellite

DATE CVE VULNERABILITY TITLE RISK
2019-08-01 CVE-2014-8183 It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources.
network
low complexity
theforeman redhat
7.4
2019-07-31 CVE-2019-10198 Missing Authentication for Critical Function vulnerability in multiple products
An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7.
network
low complexity
theforeman redhat CWE-306
6.5
2019-07-30 CVE-2019-11775 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the modified copy of the loop allowing the test to see one value of the field and subsequently the loop to see a modified field value without retesting the condition moved out of the loop.
network
high complexity
eclipse redhat CWE-367
7.4
2019-07-23 CVE-2019-2816 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle debian opensuse hp mcafee canonical redhat
4.8
2019-07-23 CVE-2019-2786 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle opensuse hp canonical redhat
3.4
2019-07-23 CVE-2019-2769 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities).
network
low complexity
oracle debian canonical redhat hp mcafee opensuse
5.3
2019-07-23 CVE-2019-2762 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities).
network
low complexity
oracle canonical opensuse debian redhat mcafee hp
5.3
2019-07-02 CVE-2019-10137 Unspecified vulnerability in Redhat Satellite and Spacewalk
A path traversal flaw was found in spacewalk-proxy, all versions through 2.9, in the way the proxy processes cached client tokens.
network
low complexity
redhat
critical
9.8
2019-07-02 CVE-2019-10136 Unspecified vulnerability in Redhat Satellite and Spacewalk
It was found that Spacewalk, all versions through 2.9, did not safely compute client token checksums.
network
low complexity
redhat
4.3
2019-04-23 CVE-2019-2698 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D).
network
high complexity
oracle redhat debian opensuse canonical hp
8.1