Redhat

Satellite

223 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9

CVE-2018-3183

  • EPSS 0.58%
  • Veröffentlicht 17.10.2018 01:31:20
  • Zuletzt bearbeitet 21.11.2024 04:05:21

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerabil...

8.3

CVE-2018-3169

  • EPSS 0.43%
  • Veröffentlicht 17.10.2018 01:31:19
  • Zuletzt bearbeitet 21.11.2024 04:05:20

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthentica...

8.3

CVE-2018-3149

  • EPSS 0.31%
  • Veröffentlicht 17.10.2018 01:31:17
  • Zuletzt bearbeitet 21.11.2024 04:05:17

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit v...

3.4

CVE-2018-3136

  • EPSS 0.33%
  • Veröffentlicht 17.10.2018 01:31:16
  • Zuletzt bearbeitet 21.11.2024 04:05:14

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unau...

3.1

CVE-2018-3139

  • EPSS 0.08%
  • Veröffentlicht 17.10.2018 01:31:16
  • Zuletzt bearbeitet 21.11.2024 04:05:14

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows un...

5.8

CVE-2017-7513

  • EPSS 0.09%
  • Veröffentlicht 22.08.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:32:03

It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially c...

7.5

CVE-2018-1517

  • EPSS 0.59%
  • Veröffentlicht 20.08.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:59:57

A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681.

6.5

CVE-2018-1656

  • EPSS 0.53%
  • Veröffentlicht 20.08.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 04:00:08

The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java (DTFJ) (IBM SDK, Java Technology Edition 6.0 , 7.0, and 8.0) does not protect against path traversal attacks when extracting compressed dump files. IBM X-Force ID: 144882.

7.5

CVE-2018-1000632

Exploit
  • EPSS 1.61%
  • Veröffentlicht 20.08.2018 19:31:31
  • Zuletzt bearbeitet 21.11.2024 03:40:16

dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be explo...

9.8

CVE-2018-10931

  • EPSS 67.78%
  • Veröffentlicht 09.08.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:20

It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain high privileges within cobbler, upload files to arbitrary location in the context ...