Redhat

Satellite

228 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2017-3544

  • EPSS 0.38%
  • Veröffentlicht 24.04.2017 19:59:04
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit...

4.3

CVE-2017-3533

  • EPSS 0.65%
  • Veröffentlicht 24.04.2017 19:59:03
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit...

6.1

CVE-2016-2104

  • EPSS 0.3%
  • Veröffentlicht 13.04.2017 14:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via (1) the label parameter to admin/BunchDetail.do; (2) the package_name, (3) search_subscribed_channels, or (4)...

9.8

CVE-2017-5929

  • EPSS 10.14%
  • Veröffentlicht 13.03.2017 06:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.

7.1

CVE-2016-10165

  • EPSS 0.87%
  • Veröffentlicht 03.02.2017 19:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.

6.1

CVE-2016-3097

  • EPSS 0.21%
  • Veröffentlicht 05.08.2016 14:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data.

6.1

CVE-2016-3080

  • EPSS 0.19%
  • Veröffentlicht 05.08.2016 14:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via the (1) RHNMD User or (2) Filesystem parameters, related to display of monitoring probes.

8.8

CVE-2016-3072

  • EPSS 0.39%
  • Veröffentlicht 07.06.2016 18:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple SQL injection vulnerabilities in the scoped_search function in app/controllers/katello/api/v2/api_controller.rb in Katello allow remote authenticated users to execute arbitrary SQL commands via the (1) sort_by or (2) sort_order parameter.

9.1

CVE-2015-5041

  • EPSS 0.89%
  • Veröffentlicht 06.06.2016 17:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.

8.1

CVE-2016-0376

  • EPSS 1.93%
  • Veröffentlicht 03.06.2016 14:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not pr...