Max CVSS 9.3 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-14623 4.0
A SQL injection flaw was found in katello's errata-related API. An authenticated remote attacker can craft input data to force a malformed SQL query to the backend database, which will leak internal IDs. This is issue is related to an incomplete fix
09-10-2019 - 23:35 14-12-2018 - 00:29
CVE-2017-2672 4.0
A flaw was found in foreman before version 1.15 in the logging of adding and registering images. An attacker with access to the foreman log file would be able to view passwords for provisioned systems in the log file, allowing them to access those sy
09-10-2019 - 23:27 21-06-2018 - 13:29
CVE-2017-2667 6.8
Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verify_ssl flag for apipie-bindings that disable it by default. As a result the server certificates are not checked and connections are prone to man-in-the-middl
09-10-2019 - 23:27 12-03-2018 - 15:29
CVE-2016-8639 3.5
It was found that foreman before 1.13.0 is vulnerable to a stored XSS via an organization or location name. This could allow an attacker with privileges to set the organization or location name to display arbitrary HTML including scripting code withi
09-10-2019 - 23:20 01-08-2018 - 13:29
CVE-2016-9595 3.6
A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files.
09-10-2019 - 23:20 27-07-2018 - 18:29
CVE-2016-9593 4.0
foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. An attacker with access to the foreman log file would be able to view passwords, allowing them to access those systems.
09-10-2019 - 23:20 16-04-2018 - 15:29
CVE-2016-8634 3.5
A vulnerability was found in foreman 1.14.0. When creating an organization or location in Foreman, if the name contains HTML then the second step of the wizard (/organizations/id/step2) will render the HTML. This occurs in the alertbox on the page. T
09-10-2019 - 23:20 01-08-2018 - 12:29
CVE-2016-8613 4.3
A flaw was found in foreman 1.5.1. The remote execution plugin runs commands on hosts over SSH from the Foreman web UI. When a job is submitted that contains HTML tags, the console output shown in the web UI does not escape the output causing any HTM
09-10-2019 - 23:20 31-07-2018 - 20:29
CVE-2016-7077 4.0
foreman before 1.14.0 is vulnerable to an information leak. It was found that Foreman form helper does not authorize options for associated objects. Unauthorized user can see names of such objects if their count is less than 6.
09-10-2019 - 23:19 10-09-2018 - 15:29
CVE-2016-7078 4.0
foreman before version 1.15.0 is vulnerable to an information leak through organizations and locations feature. When a user is assigned _no_ organizations/locations, they are able to view all resources instead of none (mirroring an administrator's vi
09-10-2019 - 23:19 10-09-2018 - 15:29
CVE-2014-8183 6.5
It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources. An attacker with access to the API and knowledge of the resource name can access resources in other organizations.
09-10-2019 - 23:12 01-08-2019 - 14:15
CVE-2016-4996 1.9
discovery-debug in Foreman before 6.2 when the ssh service has been enabled on discovered nodes displays the root password in plaintext in the system journal when used to log in, which allows local users with access to the system journal to obtain th
06-05-2019 - 18:06 17-07-2017 - 13:18
CVE-2016-4995 3.5
Foreman before 1.11.4 and 1.12.x before 1.12.1 does not properly restrict access to preview provisioning templates, which allows remote authenticated users with permission to view some hosts to obtain sensitive host configuration information via a UR
26-02-2019 - 16:30 19-08-2016 - 21:59
CVE-2016-1669 9.3
The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer
30-10-2018 - 16:27 14-05-2016 - 21:59
CVE-2017-2295 6.0
Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in an unsafe manner, which would lead to remote code
24-05-2018 - 13:36 05-07-2017 - 15:29
CVE-2017-15699 6.8
A Denial of Service vulnerability was found in Apache Qpid Dispatch Router versions 0.7.0 and 0.8.0. To exploit this vulnerability, a remote user must be able to establish an AMQP connection to the Qpid Dispatch Router and send a specifically crafted
15-03-2018 - 19:29 13-02-2018 - 22:29
CVE-2013-6459 4.3
Cross-site scripting (XSS) vulnerability in the will_paginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links.
23-02-2018 - 02:29 31-12-2013 - 16:04
CVE-2016-6319 4.3
Cross-site scripting (XSS) vulnerability in app/helpers/form_helper.rb in Foreman before 1.12.2, as used by Remote Execution and possibly other plugins, allows remote attackers to inject arbitrary web script or HTML via the label parameter.
23-02-2018 - 02:29 19-08-2016 - 21:59
CVE-2016-4451 6.0
The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 and 1.12.x before 1.12.0-RC1 allow remote authenticated users with unlimited filters to bypass organization and location restrictions and read or modify data for an arbitrary organi
23-02-2018 - 02:29 19-08-2016 - 21:59
CVE-2016-3704 5.0
Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords.
23-02-2018 - 02:29 13-06-2017 - 17:29
CVE-2016-3693 6.8
The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method.
23-02-2018 - 02:29 20-05-2016 - 14:59
CVE-2016-3696 2.1
The pulp-qpid-ssl-cfg script in Pulp before 2.8.5 allows local users to obtain the CA key.
23-02-2018 - 02:29 13-06-2017 - 16:29
CVE-2016-3107 2.1
The Node certificate in Pulp before 2.8.3 contains the private key, and is stored in a world-readable file in the "/etc/pki/pulp/nodes/" directory, which allows local users to gain access to sensitive data.
05-01-2018 - 02:30 08-06-2017 - 18:29
CVE-2016-3112 5.0
client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as world-readable, which allows remote authenticated users to obtain the consumer private keys and escalate privileges by reading /etc
05-01-2018 - 02:30 08-06-2017 - 18:29
CVE-2016-3728 6.8
Eval injection vulnerability in tftp_api.rb in the TFTP module in the Smart-Proxy in Foreman before 1.10.4 and 1.11.x before 1.11.2 allows remote attackers to execute arbitrary code via the PXE template type portion of the PATH_INFO to tftp/.
05-01-2018 - 02:30 20-05-2016 - 14:59
CVE-2016-3111 2.1
pulp.spec in the installation process for Pulp 2.8.3 generates the RSA key pairs used to validate messages between the pulp server and pulp consumers in a directory that is world-readable before later modifying the permissions, which might allow loca
05-01-2018 - 02:30 08-06-2017 - 18:29
CVE-2016-3108 3.6
The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or write to arbitrary files via a symlink attack.
05-01-2018 - 02:30 08-06-2017 - 18:29
CVE-2015-5282 4.3
Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.
29-09-2017 - 15:23 25-09-2017 - 17:29
CVE-2015-5152 4.3
Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a man-in-the-middle attack.
27-07-2017 - 15:05 17-07-2017 - 13:18
Back to Top Mark selected
Back to Top