Vulnerabilities > Redhat > Satellite > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-18	CVE-2018-2952	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). network high complexity oracle debian canonical hp redhat netapp	3.7
2018-04-19	CVE-2018-2790	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). network high complexity oracle redhat debian canonical hp schneider-electric	3.1
2018-04-16	CVE-2018-5382	Improper Validation of Integrity Check Value vulnerability in multiple products The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore. local low complexity bouncycastle redhat CWE-354	3.6
2018-02-09	CVE-2017-10689	Improper Privilege Management vulnerability in multiple products In previous versions of Puppet Agent it was possible to install a module with world writable permissions. local low complexity puppet canonical redhat CWE-269	2.1
2018-01-18	CVE-2018-2579	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). network high complexity oracle redhat debian canonical schneider-electric hp	3.7
2017-10-19	CVE-2017-10345	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). network high complexity oracle debian redhat netapp	2.6
2017-06-06	CVE-2014-8180	Improper Authentication vulnerability in Mongodb MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service. local low complexity mongodb redhat CWE-287	2.1
2017-04-24	CVE-2017-3539	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). network high complexity oracle redhat debian	2.1
2015-12-07	CVE-2015-5006	Information Exposure vulnerability in multiple products IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20, 7 before SR9 FP20, 6 R1 before SR8 FP15, and 6 before SR16 FP15 allow physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache. local low complexity ibm redhat suse CWE-200	2.1
2014-02-14	CVE-2012-6149	Cross-site Scripting vulnerability in Redhat Satellite, Satellite 5 Managed DB and Spacewalk-Java Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) subject or (2) content values of a note in a system.addNote XML-RPC call. network redhat CWE-79	3.5