Satellite Security Vulnerabilities and Issues — Satellite CVE List

Lucene search

RedhatSatellite

8 matches found

CVE•added 2019/07/23 11:15 p.m.•330 views

CVE-2019-2786

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

3.4CVSS3.6AI score0.00154EPSS

CVE•added 2019/07/23 11:15 p.m.•315 views

CVE-2019-2769

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Utilities). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily exploitable vulnerability allows unauthenticated attacker with network access via ...

5.3CVSS4.6AI score0.00168EPSS

CVE•added 2019/07/23 11:15 p.m.•286 views

CVE-2019-2816

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

5.8CVSS4.2AI score0.00101EPSS

CVE•added 2019/07/23 11:15 p.m.•262 views

CVE-2019-2762

5.3CVSS4.6AI score0.00095EPSS

CVE•added 2019/07/02 8:15 p.m.•184 views

CVE-2019-10137

A path traversal flaw was found in spacewalk-proxy, all versions through 2.9, in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the existence of arbitrary files, if they have access to the proxy's filesystem, or can execute arbitrary...

9.8CVSS9.6AI score0.08937EPSS

CVE•added 2019/07/02 8:15 p.m.•179 views

CVE-2019-10136

It was found that Spacewalk, all versions through 2.9, did not safely compute client token checksums. An attacker with a valid, but expired, authenticated set of headers could move some digits around, artificially extending the session validity without modifying the checksum.

4.3CVSS4.3AI score0.00102EPSS

CVE•added 2019/07/31 10:15 p.m.•105 views

CVE-2019-10198

An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously, commit tasks were searched through find_resource, which performed authorization checks. After the change to Foreman, an unauthenticated user can view the details of a task through the web UI or API, if...

6.5CVSS6.9AI score0.01182EPSS

CVE•added 2019/07/30 2:15 p.m.•77 views

CVE-2019-11775

All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that field in the mod...

7.4CVSS8.2AI score0.01505EPSS