Vulnerabilities > Theforeman

DATE CVE VULNERABILITY TITLE RISK
2018-10-12 CVE-2018-14664 Cross-site Scripting vulnerability in Theforeman Foreman 1.18.0
A flaw was found in foreman from versions 1.18.
network
low complexity
theforeman CWE-79
5.4
2018-09-21 CVE-2018-14643 Unspecified vulnerability in Theforeman Foreman
An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman.
network
low complexity
theforeman
critical
9.8
2018-09-10 CVE-2016-7078 Information Exposure vulnerability in Theforeman Foreman 1.15.0
foreman before version 1.15.0 is vulnerable to an information leak through organizations and locations feature.
network
low complexity
theforeman CWE-200
4.3
2018-09-10 CVE-2016-7077 Information Exposure vulnerability in Theforeman Foreman
foreman before 1.14.0 is vulnerable to an information leak.
network
low complexity
theforeman CWE-200
4.3
2018-08-22 CVE-2017-2662 Unspecified vulnerability in Theforeman Katello 3.4.5
A flaw was found in Foreman's katello plugin version 3.4.5.
network
low complexity
theforeman
4.3
2018-08-01 CVE-2016-8639 Cross-site Scripting vulnerability in multiple products
It was found that foreman before 1.13.0 is vulnerable to a stored XSS via an organization or location name.
network
low complexity
theforeman redhat CWE-79
5.4
2018-08-01 CVE-2016-8634 Unspecified vulnerability in Theforeman Foreman 1.14.0
A vulnerability was found in foreman 1.14.0.
network
low complexity
theforeman
5.4
2018-07-31 CVE-2016-8613 Unspecified vulnerability in Theforeman Foreman 1.5.1
A flaw was found in foreman 1.5.1.
network
low complexity
theforeman
6.1
2018-07-27 CVE-2016-9595 Link Following vulnerability in multiple products
A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files.
local
low complexity
theforeman redhat CWE-59
5.5
2018-07-26 CVE-2017-7535 Cross-site Scripting vulnerability in Theforeman Foreman
foreman before version 1.16.0 is vulnerable to a stored XSS in organizations/locations assignment to hosts.
network
low complexity
theforeman CWE-79
6.1