93 matches found
Important: Red Hat Security Advisory: Satellite 6.16.8 Async Update
An update is now available for Red Hat Satellite 6.16 for RHEL 8 and RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
EUVD-2012-5983
Malware in sbrugna...
EUVD-2012-5986
Malware in sbrugna...
EUVD-2020-3140
Malware in sbrugna...
EUVD-2016-5444
Malware in sbrugna...
EUVD-2015-5188
Malware in sbrugna...
EUVD-2013-6248
Malware in sbrugna...
ROS-20251006-03
A vulnerability in a set of tools that allow companies to manage software subscriptions Candlepin is related to the ability to create data related to another client/tenant. Exploitation vulnerability could allow an attacker acting remotely to gain access to sensitive information...
EUVD-2024-32291
Malicious code in bioql PyPI...
EUVD-2023-24034
Malicious code in bioql PyPI...
EUVD-2021-34011
Malicious code in bioql PyPI...
RHSA-2020:2740 Red Hat Security Advisory: candlepin and satellite security update
Bulletin has no description...
CVE-2024-3716
A flaw was found in foreman-installer when puppet-candlepin is invoked cpdb with the --password parameter. This issue leaks the password in the process list and allows an attacker to take advantage and obtain the password...
CVE-2024-3716
A flaw was found in foreman-installer when puppet-candlepin is invoked cpdb with the --password parameter. This issue leaks the password in the process list and allows an attacker to take advantage and obtain the password...
CVE-2024-3716 Foreman-installer: candlepin database password being leaked to local users via the process list
A flaw was found in foreman-installer when puppet-candlepin is invoked cpdb with the --password parameter. This issue leaks the password in the process list and allows an attacker to take advantage and obtain the password...
CVE-2024-3716
CVE-2024-3716 affects foreman-installer when puppet-candlepin is invoked with cpdb using the --password parameter. The flaw causes the password to be exposed in the process list, enabling a local attacker with access to the host to obtain the credential. The description does not specify a vendor-...
CVE-2024-3716 Foreman-installer: candlepin database password being leaked to local users via the process list
A flaw was found in foreman-installer when puppet-candlepin is invoked cpdb with the --password parameter. This issue leaks the password in the process list and allows an attacker to take advantage and obtain the password...
CVE-2024-3716
A flaw was found in foreman-installer when puppet-candlepin is invoked cpdb with the --password parameter. This issue leaks the password in the process list and allows an attacker to take advantage and obtain the password...
foreman: World readable file containing secrets
A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable...
foreman: World readable file containing secrets
A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable...