Vulnerabilities > Redhat > Satellite > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-04-19 CVE-2018-2796 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). 5.3
2018-04-19 CVE-2018-2795 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). 5.3
2018-04-16 CVE-2018-5382 Improper Validation of Integrity Check Value vulnerability in multiple products
The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore.
local
low complexity
bouncycastle redhat CWE-354
4.4
2018-04-05 CVE-2018-1096 SQL Injection vulnerability in multiple products
An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1.
network
low complexity
theforeman redhat CWE-89
6.5
2018-02-09 CVE-2017-10690 Improper Privilege Management vulnerability in multiple products
In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from.
network
low complexity
puppet redhat CWE-269
6.5
2018-02-09 CVE-2017-10689 Improper Privilege Management vulnerability in multiple products
In previous versions of Puppet Agent it was possible to install a module with world writable permissions.
local
low complexity
puppet canonical redhat CWE-269
5.5
2018-01-18 CVE-2018-2678 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). 4.3
2018-01-18 CVE-2018-2677 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). 4.3
2018-01-18 CVE-2018-2663 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). 4.3
2018-01-18 CVE-2018-2657 Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization).
network
low complexity
oracle redhat schneider-electric hp
5.3