Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
theforeman foreman 1.2.0 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2013-0210
The smart proxy Puppet run API in Foreman prior to 1.2.0 allows remote malicious users to execute arbitrary commands via vectors related to escaping and Puppet commands.
Theforeman Foreman 0.2
Theforeman Foreman 0.4.1
Theforeman Foreman 0.3
Theforeman Foreman
Theforeman Foreman 0.1
Theforeman Foreman 0.4
605
VMScore
CVE-2014-0090
Session fixation vulnerability in Foreman prior to 1.4.2 allows remote malicious users to hijack web sessions via the session id cookie.
Theforeman Foreman 1.2.2
Theforeman Foreman 1.2.1
Theforeman Foreman 1.2.0
Theforeman Foreman 1.2.3
Theforeman Foreman
Theforeman Foreman 1.0
Theforeman Foreman 1.4.0
Theforeman Foreman 1.1
605
VMScore
CVE-2013-2113
The create method in app/controllers/users_controller.rb in Foreman prior to 1.2.0-RC2 allows remote authenticated users with permissions to create or edit other users to gain privileges by (1) changing the admin flag or (2) assigning an arbitrary role.
Theforeman Foreman
Redhat Openstack 3.0
Theforeman Foreman 1.1
1 EDB exploit
605
VMScore
CVE-2013-2121
Eval injection vulnerability in the create method in the Bookmarks controller in Foreman prior to 1.2.0-RC2 allows remote authenticated users with permissions to create bookmarks to execute arbitrary code via a controller name attribute.
Theforeman Foreman
Redhat Openstack 3.0
Theforeman Foreman 1.1
1 EDB exploit
383
VMScore
CVE-2015-5152
Foreman after 1.1 and prior to 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote malicious users to obtain user credentials via a man-in-the-middle attack.
Theforeman Foreman 1.4.1
Theforeman Foreman 1.3.0
Theforeman Foreman 1.4.3
Theforeman Foreman 1.2.2
Theforeman Foreman 1.4.0
Theforeman Foreman 1.2.1
Theforeman Foreman 1.8.0
Theforeman Foreman 1.7.4
Theforeman Foreman 1.7.5
Theforeman Foreman 1.7.0
Theforeman Foreman 1.4.2
Theforeman Foreman 1.8.1
Theforeman Foreman 1.5.0
Theforeman Foreman 1.2.0
Theforeman Foreman 1.5.2
Theforeman Foreman 1.5.3
Theforeman Foreman 1.2.3
Theforeman Foreman 1.1-1
Theforeman Foreman 1.6.0
Theforeman Foreman 1.8.3
Theforeman Foreman 1.7.1
Theforeman Foreman 1.5.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started