Filtered by vendor Redhat Subscriptions
Filtered by product Satellite Capsule Subscriptions
Total 274 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-10745 2 Palletsprojects, Redhat 9 Jinja, Enterprise Linux, Rhel Aus and 6 more 2024-11-21 N/A
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.
CVE-2016-10516 2 Palletsprojects, Redhat 3 Werkzeug, Satellite, Satellite Capsule 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message.
CVE-2016-1000352 2 Bouncycastle, Redhat 4 Legion-of-the-bouncy-castle-java-crytography-api, Jboss Fuse, Satellite and 1 more 2024-11-21 N/A
In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.
CVE-2016-1000346 3 Bouncycastle, Debian, Redhat 5 Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux, Jboss Fuse and 2 more 2024-11-21 N/A
In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are checked on agreement calculation.
CVE-2016-1000345 3 Bouncycastle, Debian, Redhat 5 Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux, Jboss Fuse and 2 more 2024-11-21 N/A
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding.
CVE-2016-1000344 2 Bouncycastle, Redhat 4 Legion-of-the-bouncy-castle-java-crytography-api, Jboss Fuse, Satellite and 1 more 2024-11-21 N/A
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.
CVE-2016-1000343 3 Bouncycastle, Debian, Redhat 5 Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux, Jboss Fuse and 2 more 2024-11-21 N/A
In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly initialised with DSA parameters, 1.55 and earlier generates a private value assuming a 1024 bit key size. In earlier releases this can be dealt with by explicitly passing parameters to the key pair generator.
CVE-2016-1000342 3 Bouncycastle, Debian, Redhat 5 Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux, Jboss Fuse and 2 more 2024-11-21 N/A
In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.
CVE-2016-1000341 3 Bouncycastle, Debian, Redhat 5 Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux, Jboss Fuse and 2 more 2024-11-21 N/A
In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of blinding in 1.55, or earlier, may allow an attacker to gain information about the signature's k value and ultimately the private value as well.
CVE-2016-1000340 2 Bouncycastle, Redhat 4 Legion-of-the-bouncy-castle-java-crytography-api, Jboss Fuse, Satellite and 1 more 2024-11-21 N/A
In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed (org.bouncycastle.math.raw.Nat???). These classes are used by our custom elliptic curve implementations (org.bouncycastle.math.ec.custom.**), so there was the possibility of rare (in general usage) spurious calculations for elliptic curve scalar multiplications. Such errors would have been detected with high probability by the output validation for our scalar multipliers.
CVE-2016-1000339 3 Bouncycastle, Debian, Redhat 5 Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux, Jboss Fuse and 2 more 2024-11-21 N/A
In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak information on the AES key being used. There was also a leak in AESEngine although it was substantially less. AESEngine has been modified to remove any signs of leakage (testing carried out on Intel X86-64) and is now the primary AES class for the BC JCE provider from 1.56. Use of AESFastEngine is now only recommended where otherwise deemed appropriate.
CVE-2016-1000338 4 Bouncycastle, Canonical, Netapp and 1 more 6 Legion-of-the-bouncy-castle-java-crytography-api, Ubuntu Linux, 7-mode Transition Tool and 3 more 2024-11-21 7.5 High
In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.
CVE-2015-7518 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in information popups in Foreman before 1.10.0 allow remote attackers to inject arbitrary web script or HTML via (1) global parameters, (2) smart class parameters, or (3) smart variables in the (a) host or (b) hostgroup edit forms.
CVE-2015-6644 2 Google, Redhat 6 Android, Jboss Amq, Jboss Enterprise Application Platform and 3 more 2024-11-21 N/A
Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146.
CVE-2015-5282 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.
CVE-2015-5233 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2024-11-21 N/A
Foreman before 1.8.4 and 1.9.x before 1.9.1 do not properly apply view_hosts permissions, which allows (1) remote authenticated users with the view_reports permission to read reports from arbitrary hosts or (2) remote authenticated users with the destroy_reports permission to delete reports from arbitrary hosts via direct access to the (a) individual report show/delete pages or (b) APIs.
CVE-2015-5152 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2024-11-21 N/A
Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl setting is set to true, which allows remote attackers to obtain user credentials via a man-in-the-middle attack.
CVE-2015-3448 2 Redhat, Rest-client Project 4 Cloudforms Managementengine, Satellite, Satellite Capsule and 1 more 2024-11-21 N/A
REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.
CVE-2015-3235 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2024-11-21 N/A
Foreman before 1.9.0 allows remote authenticated users with the edit_users permission to edit administrator users and change their passwords via unspecified vectors.
CVE-2015-3225 4 Debian, Opensuse, Rack Project and 1 more 6 Debian Linux, Opensuse, Rack and 3 more 2024-11-21 N/A
lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth.