Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suse studio onsite 1.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-3712
SUSE Studio Onsite 1.3.x prior to 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors.
Suse Studio Onsite 1.3
Suse Studio Onsite 1.3.1
Suse Studio Onsite 1.3.3
Suse Studio Onsite 1.3.5
Suse Studio Onsite 1.3.2
Suse Studio Onsite 1.3.4
Suse Studio Extension For System Z 1.3
NA
CVE-2013-3709
WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file.
Suse Webyast 1.3
Suse Studio Onsite 1.3
Novell Suse Lifecycle Management Server 1.3
8.1
CVSSv3
CVE-2017-14807
An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification ...
Suse Studio Onsite 1.3
Suse Susestudio-ui-server
5.9
CVSSv3
CVE-2017-14806
A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote malicious users to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite suse...
Suse Studio Onsite 1.3
Suse Susestudio-ui-server
NA
CVE-2013-4547
nginx 0.8.41 up to and including 1.4.3 and 1.5.x prior to 1.5.7 allows remote malicious users to bypass intended restrictions via an unescaped space character in a URI.
F5 Nginx
Suse Lifecycle Management Server 1.3
Suse Studio Onsite 1.3
Suse Webyast 1.3
Opensuse Opensuse 11.4
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
1 EDB exploit
1 Github repository
5.5
CVSSv3
CVE-2015-8808
The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote malicious users to cause a denial of service (uninitialized memory access) via a crafted GIF file.
Graphicsmagick Graphicsmagick
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Suse Studio Onsite 1.3
Fedoraproject Fedora 22
5.5
CVSSv3
CVE-2016-2317
Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote malicious users to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2) GetToken function in magick/utility.c, and (3) GetTransformTokens function i...
Graphicsmagick Graphicsmagick 1.3.23
Debian Debian Linux 8.0
Suse Studio Onsite 1.3
Suse Linux Enterprise Software Development Kit 11
Opensuse Leap 42.1
Suse Linux Enterprise Debuginfo 11
Opensuse Opensuse 13.2
5.5
CVSSv3
CVE-2016-2318
GraphicsMagick 1.3.23 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartElement function in coders/svg.c, and (3) TraceArcPath function in magick/rend...
Graphicsmagick Graphicsmagick 1.3.23
Debian Debian Linux 8.0
Opensuse Opensuse 13.2
Suse Studio Onsite 1.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
9.8
CVSSv3
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla Firefox
Apple Mac Os X
Suse Linux Enterprise Server 11
Suse Studio Onsite 1.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mcafee Policy Auditor
Python Python
1 Article
5.5
CVSSv3
CVE-2014-9844
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted image file.
Opensuse Project Suse Linux Enterprise Debuginfo 11.0
Opensuse Project Suse Linux Enterprise Server 11.0
Suse Studio Onsite 1.3
Opensuse Project Suse Linux Enterprise Software Development Kit 11.0
Opensuse Project Leap 42.1
Opensuse Opensuse 13.2
Opensuse Project Suse Linux Enterprise Desktop 12.0
Opensuse Project Suse Linux Enterprise Server 12.0
Opensuse Project Suse Linux Enterprise Software Development Kit 12.0
Opensuse Project Suse Linux Enterprise Workstation Extension 12.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.10
Imagemagick Imagemagick 6.8.8-9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »