Lucene search
K

70 matches found

RedHat Linux
RedHat Linux
added 2026/07/01 5:32 p.m.6 views

foreman: Foreman: Unauthorized modification of host configurations via broken access control

A flaw was found in Foreman. This broken access control vulnerability allows an authenticated user with host-edit permissions to retarget an existing lookup value override to a different host. This is achieved by modifying the match field through nested host attributes, effectively bypassing...

6.5CVSS5.7AI score0.00242EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/01 5:31 p.m.7 views

foreman: Foreman: Unauthorized modification of host configurations via broken access control

A flaw was found in Foreman. This broken access control vulnerability allows an authenticated user with host-edit permissions to retarget an existing lookup value override to a different host. This is achieved by modifying the match field through nested host attributes, effectively bypassing...

6.5CVSS5.7AI score0.00242EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/07/01 1:28 p.m.8 views

CVE-2026-5136 Foreman: foreman: privilege escalation to administrator-level access via usergroup role assignment manipulation

A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. This allows an authenticated user with usergroup management permissions to attach arbitrary roles, including administrative roles, to a user group and th...

8.8CVSS5.8AI score0.00297EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/07/01 1:27 p.m.10 views

CVE-2026-5136

A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. This allows an authenticated user with usergroup management permissions to attach arbitrary roles, including administrative roles, to a user group and th...

8.8CVSS5.8AI score0.00297EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.6 views

PT-2026-54785

Name of the Vulnerable Software and Affected Versions Foreman affected versions not specified Description A broken access control issue allows an authenticated user with host-edit permissions to retarget an existing lookup value override to a different host. This is performed by modifying the mat...

6.5CVSS6AI score0.00242EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.15 views

PT-2026-54788

Name of the Vulnerable Software and Affected Versions foreman affected versions not specified Description Authenticated users with 'view keypairs' permission can bypass taxonomy scoping, which is a mechanism used to restrict access to resources based on organizational boundaries. This allows them...

6.5CVSS6AI score0.00253EPSS
Exploits0References10
OSV
OSV
added 2026/06/30 11:16 a.m.4 views

UBUNTU-CVE-2026-13316

A flaw has been found in foreman when HTTP parameters are modified in httpproxiescontroller and httpproxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component...

4.4CVSS5.7AI score0.00105EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/26 12:53 p.m.3 views

CVE-2026-1961 Forman: foreman: remote code execution via command injection in websocket proxy

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating...

8CVSS6.5AI score0.01408EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/10 12:0 a.m.5 views

RHEL 9 : Satellite 6.17.6 Async Update (Important) (RHSA-2025:19832)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19832 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity t...

8CVSS7.3AI score0.00605EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2025/11/06 2:27 a.m.7 views

Important: Red Hat Security Advisory: Satellite 6.15.5.6 Async Update

An update is now available for Red Hat Satellite 6.15 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

8CVSS6.8AI score0.00605EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/11/05 11:49 p.m.11 views

Important: Red Hat Security Advisory: Satellite 6.17.6 Async Update

A new release is now available for Red Hat Satellite 6.17 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8CVSS6.8AI score0.00605EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2025/11/05 11:49 p.m.7 views

foreman: OS command injection via ct_location and fcct_location parameters

A flaw was found in Red Hat Satellite Foreman component. This vulnerability allows an authenticated user with editsettings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting...

8CVSS6AI score0.00573EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/05 7:32 a.m.3 views

CVE-2025-10622 Foreman: os command injection via ct_location and fcct_location parameters

A flaw was found in Red Hat Satellite Foreman component. This vulnerability allows an authenticated user with editsettings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting...

8CVSS6.5AI score0.00573EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-0223

Malware in sbrugna...

6.5CVSS6.4AI score0.01078EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-26780

Malware in sbrugna...

6.1CVSS6.3AI score0.00242EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-26779

Malware in sbrugna...

7.1CVSS6.8AI score0.00194EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-0213

Malware in sbrugna...

5CVSS6.4AI score0.01667EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-1955

Malware in sbrugna...

4CVSS6.1AI score0.01925EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-9477

Malware in sbrugna...

6.1CVSS6.2AI score0.01094EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-11746

Malware in sbrugna...

6.5CVSS6.8AI score0.01378EPSS
Exploits0References4
Rows per page
Query Builder