Lucene search
K

78 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-5454

Malware in sbrugna...

6.5CVSS6.5AI score0.01027EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:43 a.m.5 views

SUSE CVE-2012-5562

A flaw was found in rhn-proxy. This vulnerability may allow the rhn-proxy to transmit user credentials in clear-text when it accesses RHN Satellite. This could lead to information disclosure, where sensitive authentication details are exposed to unauthorized parties...

8.6CVSS6.5AI score0.01027EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.5 views

SUSE CVE-2013-1871

Cross-site scripting XSS vulnerability in account/EditAddress.do in Spacewalk and Red Hat Network RHN Satellite 5.6 allows remote attackers to inject arbitrary web script or HTML via the type parameter...

3.5CVSS6.1AI score0.01593EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.4 views

SUSE CVE-2014-8162

XML external entity XXE in the RPC interface in Spacewalk and Red Hat Network RHN Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors...

7.5CVSS7.4AI score0.02694EPSS
Exploits0References5
GitLab Advisory Database
GitLab Advisory Database
added 2022/05/17 12:0 a.m.38 views

Improper Control of Generation of Code ('Code Injection')

CVE-2010-2235 RHN Satellite cobbler: Code injection flaw ACE as root by processing of a specially-crafted kickstart template file...

8.5CVSS2.7AI score0.03327EPSS
Exploits0References7Affected Software1
Veracode
Veracode
added 2020/04/10 1:12 a.m.17 views

Denial Of Service (DoS)

spacewalk-backend is vulnerable to denial of service. It was found that a remote attacker could upload packages to an RHN Satellite server's NULL organization without any authorization or authentication. The NULL organization stores packages synced from RHN Hosted. Although an attacker cannot put...

5CVSS2.9AI score0.03016EPSS
Exploits0References8Affected Software1
Veracode
Veracode
added 2020/04/10 1:6 a.m.23 views

Cross-site Scripting (XSS)

spacewalk-web is vulnerable to cross-site scripting XSS. The vulnerability exists as an authenticated RHN Satellite user could use this flaw to perform a cross-site scripting attack against other authenticated users who are using the RHN Satellite web interface...

3.5CVSS2.1AI score0.01686EPSS
Exploits0References8Affected Software1
Veracode
Veracode
added 2020/04/10 1:6 a.m.23 views

Cross-site Scripting (XSS)

spacewalk-java is vulnerable to cross-site scripting XSS. The vulnerability exists as a remote attacker could use these flaws to perform a cross-site scripting attack against victims using the RHN Satellite web interface...

4.3CVSS2.3AI score0.01474EPSS
Exploits0References7Affected Software3
Veracode
Veracode
added 2020/04/10 1:6 a.m.18 views

Cross-site Scripting (XSS)

spacewalk-web is vulnerable to cross-site scripting XSS. The vulnerability exists as a remote attacker could use these flaws to perform a cross-site scripting attack against victims using the RHN Satellite web interface...

4.3CVSS2.3AI score0.02048EPSS
Exploits0References6Affected Software3
Veracode
Veracode
added 2020/04/10 1:6 a.m.21 views

Cross-site Scripting (XSS)

spacewalk-web is vulnerable to cross-site scripting XSS. The vulnerability exists as multiple cross-site scripting XSS flaws were found in the RHN Satellite web interface. A remote attacker could use these flaws to perform a cross-site scripting attack against victims using the RHN Satellite web...

4.3CVSS2AI score0.01474EPSS
Exploits0References6Affected Software3
Veracode
Veracode
added 2020/04/10 1:6 a.m.18 views

Cross-site Scripting (XSS)

sapcewalk-web is vulnerable to cross-site scripting XSS. The vulnerability exists as a remote attacker could use these flaws to perform a cross-site scripting attack against victims using the RHN Satellite web interface...

4.3CVSS2.3AI score0.01188EPSS
Exploits0References6Affected Software3
Veracode
Veracode
added 2020/04/10 12:59 a.m.16 views

Information Disclosure

spacewalk is vulnerable to information disclosure. A flaw was found in the way RHN Satellite Server managed user authentication. A time delay was not inserted after each failed log in, which could allow a remote attacker to conduct a password guessing attack efficiently...

5.8CVSS3.6AI score0.01262EPSS
Exploits0References9Affected Software2
Veracode
Veracode
added 2020/04/10 12:59 a.m.22 views

Session Fixation

spacewalk is vulnerable to session fixation. A session fixation flaw was found in the way RHN Satellite Server handled session cookies. An RHN Satellite Server user able to pre-set the session cookie in a victim's browser to a valid value could use this flaw to hijack the victim's session after t...

5.8CVSS1.6AI score0.02015EPSS
Exploits0References10Affected Software2
Veracode
Veracode
added 2020/04/10 12:56 a.m.27 views

Authorization Bypass

spacewalk-config is vulnerable to authorization bypass. The vulnerability exists as RHN Satellite incorrectly exposed an obsolete XML-RPC API for configuring package group comps.xml files for channels. An authenticated user could use this flaw to gain access to arbitrary files accessible to the R...

5.5CVSS2.7AI score0.02812EPSS
Exploits1References9Affected Software2
NVD
NVD
added 2019/12/02 7:15 p.m.24 views

CVE-2012-5562

A flaw was found in rhn-proxy. This vulnerability may allow the rhn-proxy to transmit user credentials in clear-text when it accesses RHN Satellite. This could lead to information disclosure, where sensitive authentication details are exposed to unauthorized parties...

8.6CVSS6.5AI score0.01027EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2019/12/02 7:15 p.m.3 views

CVE-2012-5562

A flaw was found in rhn-proxy. This vulnerability may allow the rhn-proxy to transmit user credentials in clear-text when it accesses RHN Satellite. This could lead to information disclosure, where sensitive authentication details are exposed to unauthorized parties...

8.6CVSS6.5AI score0.01027EPSS
Exploits0References5
Cvelist
Cvelist
added 2019/12/02 6:12 p.m.25 views

CVE-2012-5562 Rhn-proxy: rhn-satellite: rhn-proxy: information disclosure via clear-text credential transmission when accessing rhn satellite

A flaw was found in rhn-proxy. This vulnerability may allow the rhn-proxy to transmit user credentials in clear-text when it accesses RHN Satellite. This could lead to information disclosure, where sensitive authentication details are exposed to unauthorized parties...

8.6CVSS6.5AI score0.01027EPSS
Exploits0References4
CVE
CVE
added 2019/12/02 6:12 p.m.78 views

CVE-2012-5562

CVE-2012-5562 affects the rhn-proxy component used with Red Hat Satellite. The flaw enables the proxy to transmit user credentials in clear text when accessing RHN Satellite, leading to potential exposure of sensitive authentication details (information disclosure). Public references and CVSS dat...

8.6CVSS6.5AI score0.01027EPSS
Exploits0References4Affected Software1
Veracode
Veracode
added 2019/01/15 9:6 a.m.22 views

XML External Entity (XXE)

spacewalk-java is vulnerable to XML External Entity XXE attacks. The vulnerability exists as the RPC interface in Spacewalk and Red Hat Network RHN Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors...

7.5CVSS6.5AI score0.02694EPSS
Exploits0References8Affected Software2
Veracode
Veracode
added 2019/01/15 9:1 a.m.22 views

Cross-site Scripting (XSS)

spacewalk-java is vulnerable to cross-site scripting XSS attacks. The vulnerability exists as spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network RHN Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not...

4.3CVSS5.1AI score0.01759EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder