Vulnerabilities > Theforeman > Foreman > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-09-22 CVE-2022-3874 OS Command Injection vulnerability in multiple products
A command injection flaw was found in foreman.
network
low complexity
redhat theforeman CWE-78
critical
 9.1
9.1
2023-09-20 CVE-2023-0462 Code Injection vulnerability in multiple products
An arbitrary code execution flaw was found in Foreman.
network
low complexity
theforeman redhat CWE-94
critical
 9.1
9.1
2023-09-20 CVE-2023-0118 OS Command Injection vulnerability in multiple products
An arbitrary code execution flaw was found in Foreman.
network
low complexity
theforeman redhat CWE-78
critical
 9.1
9.1
2021-12-23 CVE-2021-3584 OS Command Injection vulnerability in multiple products
A server side remote code execution vulnerability was found in Foreman project.
network
low complexity
theforeman redhat CWE-78
critical
 9.0
9.0
2018-09-21 CVE-2018-14643 DEPRECATED: Authentication Bypass Issues vulnerability in Theforeman Foreman
An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman.
network
low complexity
theforeman CWE-592
critical
 9.8
9.8