Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

studio extension for system z vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2011-4193
Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 prior to 1.2.1 and SUSE Studio Extension for System z 1.2 prior to 1.2.1 allows remote malicious users to inject arbitrary web script or HTML via a crafted application, related to cloning.
Suse Studio Onsite 1.2Suse Studio Extension For System Z 1.2
7.5
CVSSv2
CVE-2011-3180
kiwi prior to 4.98.08, as used in SUSE Studio Onsite 1.2 prior to 1.2.1 and SUSE Studio Extension for System z 1.2 prior to 1.2.1, allows malicious users to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.
Suse KiwiSuse Studio Onsite 1.2Suse Studio Extension For System Z 1.2
7.5
CVSSv2
CVE-2011-4192
kiwi prior to 4.85.1, as used in SUSE Studio Onsite 1.2 prior to 1.2.1 and SUSE Studio Extension for System z 1.2 prior to 1.2.1, allows malicious users to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."
Suse KiwiSuse Studio Extension For System Z 1.2Suse Studio Onsite 1.2
7.5
CVSSv2
CVE-2011-4195
kiwi prior to 4.98.05, as used in SUSE Studio Onsite 1.2 prior to 1.2.1 and SUSE Studio Extension for System z 1.2 prior to 1.2.1, allows malicious users to execute arbitrary commands via shell metacharacters in an image name.
Suse Studio Extension For System Z 1.2Suse KiwiSuse Studio Onsite 1.2
10
CVSSv2
CVE-2013-3712
SUSE Studio Onsite 1.3.x prior to 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors.
Suse Studio Onsite 1.3Suse Studio Onsite 1.3.1Suse Studio Onsite 1.3.3Suse Studio Onsite 1.3.5Suse Studio Onsite 1.3.2Suse Studio Onsite 1.3.4Suse Studio Extension For System Z 1.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook