Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat satellite vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2014-8163
Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5.
Redhat Satellite 5.0
5.5
CVSSv3
CVE-2020-14335
A flaw was found in Red Hat Satellite, which allows a privileged malicious user to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an malicious user to gain control of DHCP records from the network. The highest threat from this vulnerability is to system ...
Redhat Satellite 6.0
6.1
CVSSv3
CVE-2016-2103
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote malicious users to inject arbitrary web script or HTML via (1) the list_1680466951_oldfilterval parameter to systems/PhysicalList.do or (2) unspecified vectors involving systems/VirtualSystems...
Redhat Satellite 5.7
4.4
CVSSv3
CVE-2018-5382
The default BKS keystore use an HMAC that is only 16 bits long, which can allow an malicious user to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore gener...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Redhat Satellite 6.4
Redhat Satellite Capsule 6.4
NA
CVE-2012-0059
Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords in an error message when a system registration XML-RPC call fails, which allows remote administrators to obtain the password by reading (1) the server log and (2) an email.
Redhat Network Proxy 5.4
Redhat Satellite 5.4
9.1
CVSSv3
CVE-2023-0118
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.
Theforeman Foreman
Redhat Satellite
9.1
CVSSv3
CVE-2023-0462
An arbitrary code execution flaw was found in Foreman. This issue may allow an admin user to execute arbitrary code on the underlying operating system by setting global parameters with a YAML payload.
Theforeman Foreman
Redhat Satellite
6.5
CVSSv3
CVE-2023-5189
A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten.
Redhat Satellite 6.0
Redhat Ansible Automation Platform 2.0
5.3
CVSSv3
CVE-2020-10693
A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows malicious users to bypass input sanitation (escaping, stripping) controls that develope...
Redhat Hibernate Validator 7.0.0
Redhat Hibernate Validator
Ibm Websphere Application Server
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Jboss Enterprise Application Platform 7.3.0
Redhat Satellite Capsule 6.8
Redhat Satellite 6.8
Quarkus Quarkus
Oracle Weblogic Server 14.1.1.0.0
3 Github repositories
4.9
CVSSv3
CVE-2019-3893
In Foreman it exists that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resource. A malicious user with the "delete_compute_resource" permission can use this...
Theforeman Foreman
Redhat Satellite 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »