Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-08	CVE-2017-10067	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). network high complexity oracle debian redhat netapp	5.1
2017-08-08	CVE-2017-10053	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). network low complexity oracle debian redhat netapp phoenixcontact	5.0
2017-04-24	CVE-2017-3544	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). network oracle redhat debian google	4.3
2017-04-24	CVE-2017-3533	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). network oracle redhat debian	4.3
2017-04-13	CVE-2016-2104	Cross-site Scripting vulnerability in Redhat Satellite 5.7 Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the label parameter to admin/BunchDetail.do; (2) the package_name, (3) search_subscribed_channels, or (4) channel_filter parameter to software/packages/NameOverview.do; or unspecified vectors related to (5) <input:hidden> or (6) <bean:message> tags. network low complexity redhat CWE-79	6.1
2016-08-05	CVE-2016-3097	Cross-site Scripting vulnerability in Redhat Satellite 5.7 Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data. network low complexity redhat CWE-79	6.1
2016-08-05	CVE-2016-3080	Cross-site Scripting vulnerability in Redhat Satellite 5.7 Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via the (1) RHNMD User or (2) Filesystem parameters, related to display of monitoring probes. network low complexity redhat CWE-79	6.1
2016-06-06	CVE-2015-5041	Information Exposure vulnerability in multiple products The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods. network low complexity ibm suse redhat CWE-200	6.4
2016-05-24	CVE-2016-0264	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors. network suse ibm redhat CWE-119	6.8
2016-04-14	CVE-2016-3079	Cross-site Scripting vulnerability in Redhat Satellite and Spacewalk-Java Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Spacewalk and Red Hat Satellite 5.7 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to systems/SystemEntitlements.do; (2) the label parameter to admin/multiorg/EntitlementDetails.do; or the name of a (3) snapshot tag or (4) system group in System Set Manager (SSM). network low complexity redhat CWE-79	6.1