Filtered by vendor Redhat
Subscriptions
Filtered by product Network Satellite
Subscriptions
Total
757 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3879 | 2 Redhat, Sun | 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the getConfigurations function, aka Bug Id 6822057. | ||||
| CVE-2009-3883 | 2 Redhat, Sun | 6 Enterprise Linux, Network Satellite, Rhel Extras and 3 more | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the Swing implementation in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and remote attack vectors, related to "information leaks in mutable variables," aka Bug Id 6657138. | ||||
| CVE-2007-6388 | 2 Apache, Redhat | 6 Http Server, Certificate System, Enterprise Linux and 3 more | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-1101 | 2 Redhat, Sun | 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to cause a denial of service (probably resource consumption) for a JAX-WS service endpoint via a connection without any data, which triggers a file descriptor "leak." | ||||
| CVE-2009-0783 | 2 Apache, Redhat | 7 Tomcat, Enterprise Linux, Jboss Enterprise Application Platform and 4 more | 2025-04-09 | N/A |
| Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application. | ||||
| CVE-2008-5356 | 2 Redhat, Sun | 5 Network Satellite, Rhel Extras, Jdk and 2 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file. | ||||
| CVE-2009-3884 | 2 Redhat, Sun | 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more | 2025-04-09 | N/A |
| The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265. | ||||
| CVE-2009-1100 | 2 Redhat, Sun | 5 Network Satellite, Rhel Extras, Rhel Extras Sap and 2 more | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) "limits on Font creation," aka CR 6522586, and (2) another unspecified vector, aka CR 6632886. | ||||
| CVE-2009-1094 | 2 Redhat, Sun | 6 Enterprise Linux, Network Satellite, Rhel Extras and 3 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier allows remote LDAP servers to execute arbitrary code via unknown vectors related to serialized data. | ||||
| CVE-2009-2409 | 4 Gnu, Mozilla, Openssl and 1 more | 7 Gnutls, Network Security Services, Openssl and 4 more | 2025-04-09 | N/A |
| The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large. | ||||
| CVE-2008-5357 | 2 Redhat, Sun | 5 Network Satellite, Rhel Extras, Jdk and 2 more | 2025-04-09 | N/A |
| Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, which triggers a heap-based buffer overflow. | ||||
| CVE-2008-0128 | 2 Apache, Redhat | 3 Tomcat, Certificate System, Network Satellite | 2025-04-09 | N/A |
| The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. | ||||
| CVE-2009-1093 | 2 Redhat, Sun | 6 Enterprise Linux, Network Satellite, Rhel Extras and 3 more | 2025-04-09 | N/A |
| LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier does not close the connection when initialization fails, which allows remote attackers to cause a denial of service (LDAP service hang). | ||||
| CVE-2008-1192 | 2 Redhat, Sun | 5 Network Satellite, Rhel Extras, Jdk and 2 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the Java Plug-in for Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier; and SDK and JRE 1.4.2_16 and earlier, and 1.3.1_21 and earlier; allows remote attackers to bypass the same origin policy and "execute local applications" via unknown vectors. | ||||
| CVE-2008-1194 | 2 Redhat, Sun | 4 Network Satellite, Rhel Extras, Jdk and 1 more | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors. | ||||
| CVE-2008-1947 | 2 Apache, Redhat | 5 Tomcat, Enterprise Linux, Network Satellite and 2 more | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add. | ||||
| CVE-2008-2369 | 1 Redhat | 2 Network Satellite, Satellite | 2025-04-09 | 9.1 Critical |
| manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements. | ||||
| CVE-2008-3271 | 2 Apache, Redhat | 2 Tomcat, Network Satellite | 2025-04-09 | N/A |
| Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve. | ||||
| CVE-2008-3103 | 2 Redhat, Sun | 4 Network Satellite, Rhel Extras, Jdk and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote attackers to "perform unauthorized operations" via unspecified vectors. | ||||
| CVE-2008-3104 | 2 Redhat, Sun | 5 Network Satellite, Rhel Extras, Jdk and 2 more | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allow remote attackers to violate the security model for an applet's outbound connections by connecting to localhost services running on the machine that loaded the applet. | ||||