394 matches found
CVE-2011-3344
A flaw was found in Spacewalk. A remote attacker can exploit a cross-site scripting (XSS) vulnerability in the Lookup Login/Password form by injecting arbitrary web script or HTML via the URI. This can lead to information disclosure or unauthorized actions within the user's browser session...
Cross site scripting
Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via the "Filter by Synopsis" field and other unspecified filter forms...
CVE-2011-2927
A flaw was found in Spacewalk and Red Hat Network Satellite. This vulnerability, known as cross-site scripting (XSS), allows remote attackers to inject malicious web scripts or HTML into web pages viewed by other users. The flaw is triggered through vectors related to Search forms, enabling attacke...
CVE-2012-0059
A flaw was found in Spacewalk-backend. This information disclosure vulnerability occurs when a system registration XML-RPC call fails, causing cleartext user passwords to be included in error messages. Remote administrators can exploit this by reading server logs and emails, leading to the...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via vectors related to Search forms...
CVE-2011-2927 Spacewalk: spacewalk and red hat network satellite: cross-site scripting vulnerability via search forms
A flaw was found in Spacewalk and Red Hat Network Satellite. This vulnerability, known as cross-site scripting (XSS), allows remote attackers to inject malicious web scripts or HTML into web pages viewed by other users. The flaw is triggered through vectors related to Search forms, enabling attacke...
CVE-2011-1594 Spacewalk: spacewalk: open redirect vulnerability enables phishing attacks via url parameter
A flaw was found in Spacewalk, as used in Red Hat Network Satellite. This open redirect vulnerability allows remote attackers to redirect users to arbitrary web sites by manipulating a URL in the url_bounce parameter. This can enable attackers to conduct phishing attacks, potentially leading to...
CVE-2011-3344 Spacewalk: spacewalk: cross-site scripting via uri in lookup login/password form
A flaw was found in Spacewalk. A remote attacker can exploit a cross-site scripting (XSS) vulnerability in the Lookup Login/Password form by injecting arbitrary web script or HTML via the URI. This can lead to information disclosure or unauthorized actions within the user's browser session...
CVE-2011-2920
CVE-2011-2920 corresponds to multiple XSS flaws in Spacewalk 1.6 used by Red Hat Network Satellite. The Spacewalk web interface has vulnerabilities that allow remote attackers to inject arbitrary script/HTML, notably via the Filter by Synopsis field. Public references from SUSE and Red Hat descri...
CVE-2011-2927
CVE-2011-2927 is an XSS vulnerability affecting Spacewalk 1.6 as used by Red Hat Network Satellite. The issue enables a remote attacker to inject scripts via Search form vectors in the RHN Satellite web interface. Connected sources (SUSE, Red Hat advisory RHSA-2011:1299, Veracode listing) confirm...
CVE-2011-2919
CVE-2011-2919 is a cross-site scripting (XSS) vulnerability in Spacewalk 1.6 as used with Red Hat Network Satellite. The issue allows a remote attacker to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page. Connected documents corroborate the vulnerability in R...
CVE-2011-1594
CVE-2011-1594 is an Open Redirect in Spacewalk 1.6 used by Red Hat Network Satellite. The flaw allows remote attackers to redirect users to arbitrary sites via the url_bounce parameter, enabling phishing-like redirects. Multiple references (RHSA-2011:1299, SUSE CVE page) indicate an open‑redirect...
CVE-2011-2920 Spacewalk: spacewalk: cross-site scripting vulnerability allows arbitrary web script execution.
A flaw was found in Spacewalk and Red Hat Network Satellite. This cross-site scripting (XSS) vulnerability allows a remote attacker to inject arbitrary web script or HTML into web pages through various input fields, such as the "Filter by Synopsis" field. This could lead to the execution of malicio...
CVE-2011-2919
Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page...
CVE-2012-0059 Spacewalk-backend: spacewalk-backend: information disclosure via cleartext passwords in error messages
A flaw was found in Spacewalk-backend. This information disclosure vulnerability occurs when a system registration XML-RPC call fails, causing cleartext user passwords to be included in error messages. Remote administrators can exploit this by reading server logs and emails, leading to the...
CVE-2011-3344
CVE-2011-3344 is a cross-site scripting (XSS) flaw in the Spacewalk/RHN Satellite web interface, exposed via the Lookup Login/Password form in Spacewalk 1.6. The root cause is a reflected XSS vulnerability in the URI handling of the RHN Satellite web UI, allowing remote attackers to inject arbitr...
PT-2014-2131 · Red Hat · Spacewalk
Name of the Vulnerable Software and Affected Versions: Spacewalk version 1.6 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the "Filter by Synopsis" field and other unspecified filter forms, potentially leading to cross-site scripting (XSS) attacks...
PT-2014-2144 · Red Hat · Spacewalk
Name of the Vulnerable Software and Affected Versions: Spacewalk version 1.6 Description: A cross-site scripting (XSS) issue exists in the Lookup Login/Password form, allowing remote attackers to inject arbitrary web script or HTML via the URI. This could potentially lead to unauthorized access or...
PT-2014-2130 · Red Hat · Spacewalk
Name of the Vulnerable Software and Affected Versions: Spacewalk version 1.6 Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the QueryString to the "SystemGroupList.do" page. This could potentially lead to unauthorized actions on th...