PT-2014-2132 · Red Hat · Spacewalk
Name of the Vulnerable Software and Affected Versions: Spacewalk version 1.6. Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The vectors related to this issue are Search forms...
CVE-2012-0414
Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an image name...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an image name...
RHEL 5 / 6 : spacewalk-java in Satellite Server (RHSA-2013:1514)
Updated spacewalk-java packages that fix one security issue are now available for Red Hat Satellite 5.3, 5.4, 5.5 and 5.6. The Red Hat Security Response Team has rated this update as having a critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
Critical: Red Hat Security Advisory: spacewalk-java security update
Updated spacewalk-java packages that fix one security issue are now available for Red Hat Satellite 5.3, 5.4, 5.5 and 5.6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
RHEL 5 / 6 : spacewalk-backend (RHSA-2012:0101)
Updated spacewalk-backend packages that fix one security issue and two bugs are now available for Red Hat Network Satellite 5.4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
RHEL 5 / 6 : Red Hat Network Proxy spacewalk-backend (RHSA-2012:0102)
The remote Red Hat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:0102 advisory. Red Hat Network (RHN) Proxy provides a mechanism for caching content, such as package updates from Red Hat or custom content created for an...
Design/Logic Flaw
The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager and Spacewalk uses world-readable permissions for /etc/auditlog-keeper.conf, which allows local users to obtain passwords by reading this file...
CVE-2012-0421
The CVE affects the SUSE Audit Log Keeper daemon used with SUSE Manager and Spacewalk. It arises from world-readable permissions on /etc/auditlog-keeper.conf, allowing local users to read passwords stored there, as described for versions before 0.2.1-0.4.6.1. Impact is local confidentiality leaka...
Design/Logic Flaw
spacewalk-backend in Red Hat Network Satellite 5.4 on Red Hat Enterprise Linux 6 does not properly authorize or authenticate uploads to the NULL organization when mod_wsgi is used, which allows remote attackers to cause a denial of service (/var partition disk consumption and failed updates) via a...
CVE-2012-1145
spacewalk-backend in Red Hat Network Satellite 5.4 on Red Hat Enterprise Linux 6 does not properly authorize or authenticate uploads to the NULL organization when mod_wsgi is used, which allows remote attackers to cause a denial of service (/var partition disk consumption and failed updates) via a...
CVE-2012-1145
Summary (supported by connected documents): CVE-2012-1145 affects Red Hat Network Satellite’s spacewalk-backend on Red Hat Enterprise Linux 6. A remote attacker could upload packages to the NULL organization (via mod_wsgi) without proper authorization/authentication, leading to disk-space exhaust...
Moderate: Red Hat Security Advisory: Red Hat Network Satellite spacewalk-backend security update
Updated spacewalk-backend packages that fix one security issue are now available for Red Hat Network Satellite 5.4 on Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, whi...
Spacewalk: RHN user password disclosure upon failed system registration
Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords in an error message when a system registration XML-RPC call fails, which allows remote administrators to obtain the password by reading (1) the server log and (2) an email...
Spacewalk: RHN user password disclosure upon failed system registration
Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords in an error message when a system registration XML-RPC call fails, which allows remote administrators to obtain the password by reading (1) the server log and (2) an email...
Satellite: XSS flaw(s) in filter handling
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via the "Filter by Synopsis" field and other unspecified filter forms...
Spacewalk: login page open redirect via url_bounce
Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url_bounce parameter...
Satellite/Spacewalk: XSS on the Lost Password page
Cross-site scripting (XSS) vulnerability in the Lookup Login/Password form in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the URI...
Satellite/Spacewalk: XSS flaw in channels search
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via vectors related to Search forms...
Spacewalk: XSS on SystemGroupList.do page
Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page...