VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Redhat
>
Satellite
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-06-02
CVE-2020-14335
Unspecified vulnerability in Redhat Satellite 6.0
A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy.
local
low complexity
redhat
5.5
5.5
2021-05-27
CVE-2020-10716
A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view.
network
low complexity
redhat
theforeman
6.5
6.5
2021-04-08
CVE-2021-3413
A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azure_rm in versions before 2.2.0.
network
low complexity
theforeman
redhat
6.3
6.3
2021-02-23
CVE-2021-20256
Unspecified vulnerability in Redhat Satellite 6.0
A flaw was found in Red Hat Satellite.
local
low complexity
redhat
5.3
5.3
2020-05-06
CVE-2020-10693
A flaw was found in Hibernate Validator version 6.1.2.Final.
network
low complexity
redhat
ibm
quarkus
oracle
5.3
5.3
2020-01-02
CVE-2014-3590
Cross-Site Request Forgery (CSRF) vulnerability in Redhat Satellite 6.0
Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action.
network
low complexity
redhat
CWE-352
6.5
6.5
2019-12-13
CVE-2014-0241
Insufficiently Protected Credentials vulnerability in multiple products
rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable
local
low complexity
theforeman
redhat
CWE-522
5.5
5.5
2019-12-03
CVE-2013-2101
Cross-site Scripting vulnerability in multiple products
Katello has multiple XSS issues in various entities
network
low complexity
theforeman
redhat
CWE-79
5.4
5.4
2019-12-02
CVE-2012-5562
Cleartext Transmission of Sensitive Information vulnerability in Redhat Satellite
rhn-proxy: may transmit credentials over clear-text when accessing RHN Satellite
low complexity
redhat
CWE-319
6.5
6.5
2019-11-05
CVE-2013-6461
XML Entity Expansion vulnerability in multiple products
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
network
low complexity
nokogiri
debian
redhat
CWE-776
6.5
6.5
«
Previous
1
2
(current)
3
4
5
...
9
10
»
Next