Suse

Manager

19 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2016-1285

  • EPSS 67.84%
  • Published 09.03.2016 23:59:02
  • Last modified 12.04.2025 10:46:40

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed...

7.5

CVE-2014-8162

  • EPSS 0.61%
  • Published 14.05.2015 14:59:05
  • Last modified 12.04.2025 10:46:40

XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors.

5

CVE-2015-2808

  • EPSS 52.59%
  • Published 01.04.2015 02:00:35
  • Last modified 12.04.2025 10:46:40

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial ...

3.5

CVE-2014-7812

  • EPSS 0.21%
  • Published 15.01.2015 15:59:02
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allows remote authenticated users to inject arbitrary web script or HTML via the System Groups field.

3.5

CVE-2014-7811

  • EPSS 0.18%
  • Published 15.01.2015 15:59:01
  • Last modified 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API.

4.3

CVE-2014-3654

  • EPSS 0.3%
  • Published 03.11.2014 16:55:03
  • Last modified 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.5 and 5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) kickstart/cobbler/Cu...

4.3

CVE-2014-3595

  • EPSS 0.3%
  • Published 22.09.2014 15:55:07
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not pro...

4.3

CVE-2013-4415

  • EPSS 0.33%
  • Published 14.02.2014 15:55:05
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) whereCriteria variable in a software channels search; (2) end_year, (3)...

7.5

CVE-2013-4480

  • EPSS 0.7%
  • Published 18.11.2013 02:55:07
  • Last modified 11.04.2025 00:51:21

Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.