cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*
It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain high privileges within cobbler, upload files to arbitrary location in the context of the daemon.
Max CVSS
9.8
EPSS Score
0.66%
Published
2018-08-09
Updated
2023-02-12
It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect authorization check in backend/server/rhnChannel.py.
Max CVSS
9.8
EPSS Score
0.52%
Published
2018-07-27
Updated
2023-02-12
The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.
Max CVSS
9.1
EPSS Score
0.61%
Published
2016-06-06
Updated
2019-06-19
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!