VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Theforeman
>
Foreman
> 1.7.1
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-10-03
CVE-2023-4886
A sensitive information exposure vulnerability was found in foreman.
local
low complexity
theforeman
redhat
4.4
4.4
2023-09-20
CVE-2023-0462
Code Injection vulnerability in multiple products
An arbitrary code execution flaw was found in Foreman.
network
low complexity
theforeman
redhat
CWE-94
critical
9.1
9.1
2022-08-22
CVE-2021-3590
Cleartext Transmission of Sensitive Information vulnerability in multiple products
A flaw was found in Foreman project.
network
low complexity
theforeman
redhat
CWE-319
8.8
8.8
2022-08-16
CVE-2020-10710
Insufficiently Protected Credentials vulnerability in Theforeman Foreman
A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer.
local
low complexity
theforeman
CWE-522
4.4
4.4
2021-12-23
CVE-2021-3584
A server side remote code execution vulnerability was found in Foreman project.
network
low complexity
theforeman
redhat
7.2
7.2
2021-06-03
CVE-2021-3469
Incorrect Authorization vulnerability in Theforeman Foreman
Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw.
network
low complexity
theforeman
CWE-863
5.4
5.4
2021-04-26
CVE-2021-3494
Unspecified vulnerability in Theforeman Foreman
A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack.
network
high complexity
theforeman
5.9
5.9
2019-08-01
CVE-2014-8183
It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources.
network
low complexity
theforeman
redhat
7.4
7.4
2018-12-07
CVE-2018-16861
Cross-site Scripting vulnerability in Theforeman Foreman
A cross-site scripting (XSS) flaw was found in the foreman component of satellite.
network
low complexity
theforeman
CWE-79
4.8
4.8
2018-09-10
CVE-2016-7077
Information Exposure vulnerability in Theforeman Foreman
foreman before 1.14.0 is vulnerable to an information leak.
network
low complexity
theforeman
CWE-200
4.3
4.3
«
1
(current)
2
3
»
Next