Suse Studio Onsite Security Vulnerabilities and Issues — Suse Studio Onsite CVE List

Lucene search

NovellSuse Studio Onsite

11 matches found

CVE•added 2011/08/23 9:55 p.m.•42 views

CVE-2011-2225

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to have an unknown impact via a crafted directory pathname that is inserted into config.sh.

9.3CVSS6.7AI score0.0022EPSS

CVE•added 2011/08/23 9:55 p.m.•39 views

CVE-2011-2226

Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a pattern listing.

4.3CVSS5.9AI score0.00222EPSS

CVE•added 2011/08/23 9:55 p.m.•39 views

CVE-2011-2647

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted archive name in the list of testdrive modified files.

7.5CVSS7.8AI score0.04212EPSS

CVE•added 2011/08/23 9:55 p.m.•37 views

CVE-2011-2646

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename in the list of testdrive modified files.

7.5CVSS7.8AI score0.03151EPSS

CVE•added 2011/08/23 9:55 p.m.•37 views

CVE-2011-2650

Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted pattern name that is included in an RPM info display.

4.3CVSS5.8AI score0.00398EPSS

CVE•added 2011/08/23 9:55 p.m.•37 views

CVE-2011-2652

4.3CVSS5.8AI score0.00398EPSS

CVE•added 2011/08/23 9:55 p.m.•35 views

CVE-2011-2645

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename for a custom RPM.

7.5CVSS7.8AI score0.03151EPSS

CVE•added 2011/08/23 9:55 p.m.•35 views

CVE-2011-2649

Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to execute arbitrary commands via shell metacharacters in an unspecified FileUtils function call.

7.5CVSS7.8AI score0.00585EPSS

CVE•added 2011/08/23 9:55 p.m.•34 views

CVE-2011-2644

4.3CVSS5.9AI score0.00398EPSS

CVE•added 2011/08/23 9:55 p.m.•34 views

CVE-2011-2651

Unspecified vulnerability in the file browser in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename.

7.5CVSS7.8AI score0.02479EPSS

CVE•added 2011/08/23 9:55 p.m.•33 views

CVE-2011-2648

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a filter in a modified file.

7.5CVSS7.8AI score0.04212EPSS