Search Results (297 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-5152 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2025-04-20 N/A
Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a man-in-the-middle attack.
CVE-2015-5282 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.
CVE-2016-3112 2 Pulpproject, Redhat 3 Pulp, Satellite, Satellite Capsule 2025-04-20 N/A
client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as world-readable, which allows remote authenticated users to obtain the consumer private keys and escalate privileges by reading /etc/pki/pulp/consumer/consumer-cert, and authenticating as a consumer user.
CVE-2017-7233 2 Djangoproject, Redhat 4 Django, Openstack, Satellite and 1 more 2025-04-20 N/A
Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs "safe" when they shouldn't be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.
CVE-2016-3107 2 Pulpproject, Redhat 3 Pulp, Satellite, Satellite Capsule 2025-04-20 N/A
The Node certificate in Pulp before 2.8.3 contains the private key, and is stored in a world-readable file in the "/etc/pki/pulp/nodes/" directory, which allows local users to gain access to sensitive data.
CVE-2015-0224 2 Apache, Redhat 4 Qpid, Enterprise Mrg, Satellite and 1 more 2025-04-20 N/A
qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted protocol sequence set. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0203.
CVE-2016-10516 2 Palletsprojects, Redhat 3 Werkzeug, Satellite, Satellite Capsule 2025-04-20 N/A
Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message.
CVE-2016-4996 1 Redhat 3 Enterprise Linux Server, Satellite, Satellite Capsule 2025-04-20 N/A
discovery-debug in Foreman before 6.2 when the ssh service has been enabled on discovered nodes displays the root password in plaintext in the system journal when used to log in, which allows local users with access to the system journal to obtain the root password by reading the system journal, or by clicking Logs on the console.
CVE-2017-17718 2 Net-ldap Project, Redhat 3 Net-ldap, Satellite, Satellite Capsule 2025-04-20 N/A
The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL Certificate Validation.
CVE-2017-15100 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2025-04-20 6.1 Medium
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: (1) Facts page, when clicking on the "chart" button and hovering over the chart; (2) Trends page, when checking the graph for a trend based on a such fact; (3) Statistics page, for facts that are aggregated on this page.
CVE-2016-3108 2 Pulpproject, Redhat 3 Pulp, Satellite, Satellite Capsule 2025-04-20 N/A
The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or write to arbitrary files via a symlink attack.
CVE-2016-3704 3 Fedoraproject, Pulpproject, Redhat 4 Fedora, Pulp, Satellite and 1 more 2025-04-20 N/A
Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords.
CVE-2014-4616 5 Opensuse, Opensuse Project, Python and 2 more 8 Opensuse, Opensuse, Python and 5 more 2025-04-20 5.9 Medium
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.
CVE-2022-40899 2 Pythoncharmers, Redhat 4 Python-future, Rhui, Satellite and 1 more 2025-04-15 7.5 High
An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server.
CVE-2022-4130 1 Redhat 3 Satellite, Satellite Capsule, Satellite Utils 2025-04-14 4.5 Medium
A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.
CVE-2015-1844 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2025-04-12 N/A
Foreman before 1.7.5 allows remote authenticated users to bypass organization and location restrictions by connecting through the REST API.
CVE-2014-3653 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template.
CVE-2015-1816 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2025-04-12 N/A
Forman before 1.7.4 does not verify SSL certificates for LDAP connections, which allows man-in-the-middle attackers to spoof LDAP servers via a crafted certificate.
CVE-2016-2100 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2025-04-12 N/A
Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read, modify, or delete private bookmarks by leveraging the (1) edit_bookmarks or (2) destroy_bookmarks permission.
CVE-2015-5233 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2025-04-12 N/A
Foreman before 1.8.4 and 1.9.x before 1.9.1 do not properly apply view_hosts permissions, which allows (1) remote authenticated users with the view_reports permission to read reports from arbitrary hosts or (2) remote authenticated users with the destroy_reports permission to delete reports from arbitrary hosts via direct access to the (a) individual report show/delete pages or (b) APIs.