High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-26	CVE-2021-20260	Insufficiently Protected Credentials vulnerability in Theforeman Foreman A flaw was found in the Foreman project. local low complexity theforeman CWE-522	7.8
2022-08-22	CVE-2021-3590	Cleartext Transmission of Sensitive Information vulnerability in multiple products A flaw was found in Foreman project. network low complexity theforeman redhat CWE-319	8.8
2022-03-30	CVE-2021-3456	Incorrect Authorization vulnerability in Theforeman Smart Proxy Salt An improper authorization handling flaw was found in Foreman. local low complexity theforeman CWE-863	7.1
2022-03-23	CVE-2021-3589	Missing Authentication for Critical Function vulnerability in multiple products An authorization flaw was found in Foreman Ansible. network high complexity theforeman redhat CWE-306	8.0
2021-12-23	CVE-2021-3584	A server side remote code execution vulnerability was found in Foreman project. network low complexity theforeman redhat	7.2
2021-06-07	CVE-2021-20259	Unspecified vulnerability in Theforeman Foremanfogproxmox A flaw was found in the Foreman project. local low complexity theforeman	7.8
2019-12-10	CVE-2013-4120	Resource Exhaustion vulnerability in Theforeman Katello Katello has a Denial of Service vulnerability in API OAuth authentication network low complexity theforeman CWE-400	7.5
2019-08-01	CVE-2014-8183	It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources. network low complexity theforeman redhat	7.4
2018-06-21	CVE-2017-2672	Improper Privilege Management vulnerability in multiple products A flaw was found in foreman before version 1.15 in the logging of adding and registering images. network low complexity theforeman redhat CWE-269	8.8
2018-04-16	CVE-2016-9593	Credentials Management vulnerability in multiple products foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. network low complexity theforeman redhat CWE-255	8.8