Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
studio onsite vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2015-8808
The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote malicious users to cause a denial of service (uninitialized memory access) via a crafted GIF file.
Graphicsmagick Graphicsmagick
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Suse Studio Onsite 1.3
Fedoraproject Fedora 22
NA
CVE-2011-4192
kiwi prior to 4.85.1, as used in SUSE Studio Onsite 1.2 prior to 1.2.1 and SUSE Studio Extension for System z 1.2 prior to 1.2.1, allows malicious users to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."
Suse Kiwi
Suse Studio Extension For System Z 1.2
Suse Studio Onsite 1.2
NA
CVE-2011-4195
kiwi prior to 4.98.05, as used in SUSE Studio Onsite 1.2 prior to 1.2.1 and SUSE Studio Extension for System z 1.2 prior to 1.2.1, allows malicious users to execute arbitrary commands via shell metacharacters in an image name.
Suse Studio Extension For System Z 1.2
Suse Kiwi
Suse Studio Onsite 1.2
NA
CVE-2011-4193
Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 prior to 1.2.1 and SUSE Studio Extension for System z 1.2 prior to 1.2.1 allows remote malicious users to inject arbitrary web script or HTML via a crafted application, related to cloning.
Suse Studio Onsite 1.2
Suse Studio Extension For System Z 1.2
NA
CVE-2011-3180
kiwi prior to 4.98.08, as used in SUSE Studio Onsite 1.2 prior to 1.2.1 and SUSE Studio Extension for System z 1.2 prior to 1.2.1, allows malicious users to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.
Suse Kiwi
Suse Studio Onsite 1.2
Suse Studio Extension For System Z 1.2
NA
CVE-2013-3712
SUSE Studio Onsite 1.3.x prior to 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors.
Suse Studio Onsite 1.3
Suse Studio Onsite 1.3.1
Suse Studio Onsite 1.3.3
Suse Studio Onsite 1.3.5
Suse Studio Onsite 1.3.2
Suse Studio Onsite 1.3.4
Suse Studio Extension For System Z 1.3
NA
CVE-2013-3709
WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file.
Suse Webyast 1.3
Suse Studio Onsite 1.3
Novell Suse Lifecycle Management Server 1.3
NA
CVE-2013-4547
nginx 0.8.41 up to and including 1.4.3 and 1.5.x prior to 1.5.7 allows remote malicious users to bypass intended restrictions via an unescaped space character in a URI.
F5 Nginx
Suse Lifecycle Management Server 1.3
Suse Studio Onsite 1.3
Suse Webyast 1.3
Opensuse Opensuse 11.4
Opensuse Opensuse 12.2
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
1 EDB exploit
1 Github repository
NA
CVE-2013-4589
The ExportAlphaQuantumType function in export.c in GraphicsMagick prior to 1.3.18 might allow remote malicious users to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image.
Novell Suse Linux Enterprise Debuginfo 11
Novell Suse Studio Onsite 1.3
Novell Suse Linux Enterprise Software Development Kit 11.0
Graphicsmagick Graphicsmagick 1.3.13
Graphicsmagick Graphicsmagick 1.1.11
Graphicsmagick Graphicsmagick 1.0.1
Graphicsmagick Graphicsmagick 1.3.15
Graphicsmagick Graphicsmagick 1.3.14
Graphicsmagick Graphicsmagick 1.3.11
Graphicsmagick Graphicsmagick 1.1
Graphicsmagick Graphicsmagick 1.2.2
Graphicsmagick Graphicsmagick 1.1.3
Graphicsmagick Graphicsmagick 1.1.5
Graphicsmagick Graphicsmagick 1.2.18
Graphicsmagick Graphicsmagick 1.1.10
Graphicsmagick Graphicsmagick 1.0
Graphicsmagick Graphicsmagick 1.2.5
Graphicsmagick Graphicsmagick 1.3.9
Graphicsmagick Graphicsmagick 1.2.3
Graphicsmagick Graphicsmagick 1.3.8
Graphicsmagick Graphicsmagick 1.3.16
Graphicsmagick Graphicsmagick 1.1.4
NA
CVE-2011-4315
Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx prior to 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
F5 Nginx
Fedoraproject Fedora 16
Suse Studio 1.2
Suse Studio Onsite 1.2
Suse Webyast 1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »