Latest Vulnerabilities Affecting Theforeman products

Date	CVE	Title	CVSS
2019-04-09	CVE-2019-3893	Information Leak / Disclosure vulnerability in Redhat and Theforeman products	Medium
2019-01-13	CVE-2018-16887	Cross-Site Scripting (XSS) vulnerability in Redhat and Theforeman products	Low
2018-12-14	CVE-2018-14623	SQL Injection vulnerability in Theforeman Katello 3.10.0/3.11.0	Medium
2018-12-07	CVE-2018-16861	Cross-Site Scripting (XSS) vulnerability in Theforeman Foreman	Low
2018-10-12	CVE-2018-14664	Cross-Site Scripting (XSS) vulnerability in Theforeman Foreman 1.18.0	Low
2018-09-21	CVE-2018-14643	Authentication Issues vulnerability in Theforeman Foreman	High
2018-09-10	CVE-2016-7078	Information Leak / Disclosure vulnerability in Theforeman Foreman 1.15.0	Medium
2018-09-10	CVE-2016-7077	Information Leak / Disclosure vulnerability in Theforeman Foreman	Medium
2018-08-22	CVE-2017-2662	Improper Access Control vulnerability in Theforeman Katello 3.4.5	Medium
2018-08-01	CVE-2016-8639	Cross-Site Scripting (XSS) vulnerability in Redhat and Theforeman products	Low
2018-08-01	CVE-2016-8634	Cross-Site Scripting (XSS) vulnerability in Theforeman Foreman 1.14.0	Low
2018-07-31	CVE-2016-8613	Cross-Site Scripting (XSS) vulnerability in Theforeman Foreman 1.5.1	Medium
2018-07-27	CVE-2016-9595	Link Following vulnerability in Redhat and Theforeman products	Low
2018-07-26	CVE-2017-7535	Cross-Site Scripting (XSS) vulnerability in Theforeman Foreman	Medium
2018-06-21	CVE-2017-2672	Improper Access Control vulnerability in Redhat and Theforeman products	Medium

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.