Vulnerabilities > Redhat > Satellite > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-28 | CVE-2014-8163 | Path Traversal vulnerability in Redhat Satellite 5.0 Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5. | 6.5 |
2017-08-28 | CVE-2014-8168 | Improper Access Control vulnerability in Redhat Satellite 6.0 Red Hat Satellite 6 allows local users to access mongod and delete pulp_database. | 6.1 |
2017-08-28 | CVE-2014-0141 | Cross-site Scripting vulnerability in Redhat Satellite 6.0.3 Cross-site scripting (XSS) vulnerability in Red Hat Satellite 6.0.3. | 6.1 |
2017-08-08 | CVE-2017-10243 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). | 6.5 |
2017-08-08 | CVE-2017-10109 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). | 5.3 |
2017-08-08 | CVE-2017-10108 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). | 5.3 |
2017-08-08 | CVE-2017-10105 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). | 4.3 |
2017-08-08 | CVE-2017-10053 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). | 5.3 |
2017-04-13 | CVE-2016-2104 | Cross-site Scripting vulnerability in Redhat Satellite 5.7 Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the label parameter to admin/BunchDetail.do; (2) the package_name, (3) search_subscribed_channels, or (4) channel_filter parameter to software/packages/NameOverview.do; or unspecified vectors related to (5) <input:hidden> or (6) <bean:message> tags. | 6.1 |
2016-08-05 | CVE-2016-3097 | Cross-site Scripting vulnerability in Redhat Satellite 5.7 Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data. | 6.1 |