Vulmon
studio onsite vulnerabilities and exploits
7.5
CVSSv2
CVE-2011-2646
Unspecified vulnerability in Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allows remote malicious users to execute arbitrary code via a crafted filename in the list of testdrive modified files.
Marcus Schafer Kiwi
Novell Suse Studio Onsite 1.1
7.5
CVSSv2
CVE-2011-2648
Unspecified vulnerability in Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allows remote malicious users to execute arbitrary code via a filter in a modified file.
Marcus Schafer Kiwi
Novell Suse Studio Onsite 1.1
7.5
CVSSv2
CVE-2011-2651
Unspecified vulnerability in the file browser in Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allows remote malicious users to execute arbitrary code via a crafted filename.
Novell Suse Studio Onsite 1.1
Marcus Schafer Kiwi
7.5
CVSSv2
CVE-2011-2647
Unspecified vulnerability in Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allows remote malicious users to execute arbitrary code via a crafted archive name in the list of testdrive modified files.
Marcus Schafer Kiwi
Novell Suse Studio Onsite 1.1
7.5
CVSSv2
CVE-2011-2649
Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 prior to 1.1.4, allows malicious users to execute arbitrary commands via shell metacharacters in an unspecified FileUtils function call.
Novell Suse Studio Onsite 1.1
Marcus Schafer Kiwi
7.2
CVSSv2
CVE-2013-3709
WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file.
Suse Webyast 1.3
Suse Studio Onsite 1.3
Novell Suse Lifecycle Management Server 1.3
6.8
CVSSv2
CVE-2011-4315
Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx prior to 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
F5 Nginx
Fedoraproject Fedora 16
Suse Studio 1.2
Suse Studio Onsite 1.2
Suse Webyast 1.2
6.5
CVSSv2
CVE-2011-0467
A vulnerability in the listing of available software of SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected releases are SUSE Studio Onsite: versions before 1.0.3-0.18.1, SUSE Studio Onsit...
Suse Studio Onsite Appliance
Suse Studio Onsite
5.5
CVSSv2
CVE-2017-14807
An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification ...
Suse Studio Onsite 1.3
Suse Susestudio-ui-server
4.3
CVSSv2
CVE-2017-14806
An Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote malicious users to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite suse...
Suse Studio Onsite 1.3
Suse Susestudio-ui-server