Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatNetwork Satellite

10 matches found

CVE
CVEadded 2015/05/14 2:59 p.m.61 views

CVE-2014-8162

XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors.

7.5CVSS7.1AI score0.00606EPSS
CVE
CVEadded 2013/11/18 2:55 a.m.60 views

CVE-2013-4480

Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.

7.5CVSS6.7AI score0.00704EPSS
CVE
CVEadded 2015/01/15 3:59 p.m.49 views

CVE-2014-7811

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API.

3.5CVSS5.2AI score0.00184EPSS
CVE
CVEadded 2014/02/05 6:55 p.m.46 views

CVE-2011-3344

Cross-site scripting (XSS) vulnerability in the Lookup Login/Password form in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the URI.

4.3CVSS5.8AI score0.00389EPSS
CVE
CVEadded 2014/02/05 6:55 p.m.42 views

CVE-2011-2919

Cross-site scripting (XSS) vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to inject arbitrary web script or HTML via the QueryString to the SystemGroupList.do page.

4.3CVSS5.8AI score0.00322EPSS
CVE
CVEadded 2014/02/05 6:55 p.m.42 views

CVE-2011-2920

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via the "Filter by Synopsis" field and other unspecified filter forms.

4.3CVSS5.9AI score0.00389EPSS
CVE
CVEadded 2014/04/17 2:55 p.m.42 views

CVE-2013-2143

The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account.

6.5CVSS6.6AI score0.61626EPSS
CVE
CVEadded 2008/05/23 3:32 p.m.40 views

CVE-2007-5961

Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in RHN and Red Hat Network Satellite before 5.0.2, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

4.3CVSS5.7AI score0.00329EPSS
CVE
CVEadded 2014/02/05 6:55 p.m.38 views

CVE-2011-1594

Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url_bounce parameter.

5.8CVSS6.8AI score0.00274EPSS
CVE
CVEadded 2014/02/05 6:55 p.m.37 views

CVE-2011-2927

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allow remote attackers to inject arbitrary web script or HTML via vectors related to Search forms.

4.3CVSS5.7AI score0.00344EPSS