22 matches found
CVE-2014-6271
CVE-2014-6271 (Shellshock) affects GNU Bash up to 4.3, enabling remote code execution by processing trailing strings after function definitions in environment variables. Exploitation vectors include OpenSSH ForceCommand, mod_cgi/mod_cgid in Apache, DHCP client scripts, and other environment-passi...
CVE-2014-7169
CVE-2014-7169 affects GNU Bash up to 4.3, where parsing of function definitions in environment variables can be exploited to run commands or impact other attributes across privilege boundaries (notably via ForceCommand in OpenSSH sshd and via mod_cgi/mod_cgid in Apache, as well as DHCP client scr...
CVE-2013-4547
CVE-2013-4547 affects nginx versions 0.8.41–1.4.3 and 1.5.x prior to 1.5.7. Root cause: an unescaped space character in a URI can bypass intended restrictions, enabling remote bypass of access controls as described in the entry. Impact: restriction bypass is possible; exploitation and mitigation ...
CVE-2016-0718
CVE-2016-0718 is evidenced in connected Apple documents as part of the Expat (libexpat) updates applied to OS X El Capitan and iTunes-related components. The Expat/libexpat entry notes that processing XML can trigger vulnerabilities in affected builds, with CVE-2016-0718 specifically associated w...
CVE-2015-1283
The material confirms CVE-2015-1283 is an Expat XML_GetBuffer integer/heap overflow issue, with impact on multiple products using expat up to 2.1.0 (e.g., Chrome before 44.0.2403.89). Related CVEs include CVE-2015-2716 and CVE-2016-4472 (note: the latter indicates the overflow protection was remo...
CVE-2016-5118
CVE-2016-5118 affects GraphicsMagick and ImageMagick: the OpenBlob handling accepts a leading ‘|’ pipe in a filename, enabling remote code execution. Connected advisories confirm the issue and note remediation by upgrading to at least GraphicsMagick 1.3.24 (and corresponding ImageMagick fixes) an...
CVE-2016-2317
GraphicsMagick’s SVG processing for CVE-2016-2317 comprises stack and heap buffer overflows in MVG/SVG rendering (TracePoint, GetToken, GetTransformTokens). Connected advisories confirm this was addressed in newer GraphicsMagick packages across distros (e.g., Debian Jessie: 1.3.20-3+deb8u2; Stret...
CVE-2011-4315
CVE-2011-4315 describes a heap-based buffer overflow in nginx’s DNS resolver path (core/ngx_resolver.c) that can be triggered by compression-pointer processing. Affected: nginx versions prior to 1.0.10. Impact stated across sources: remote resolvers may cause a denial of service (daemon crash) an...
CVE-2014-9846
CVE-2014-9846 involves a buffer overflow in the ReadRLEImage function (coders/rle.c) of ImageMagick, exposed in at least ImageMagick 6.8.9.9. Remote, unauthenticated attackers could trigger an overflow, with impact described as unspecified in the CVE record. The connected OpenVAS/Nessus entries c...
CVE-2014-9845
CVE-2014-9845 : ImageMagick’s ReadDIBImage function (coders/dib.c) is vulnerable to a denial of service by processing a corrupted DIB file. The vulnerability exists in the ImageMagick code path that reads DIB images. The connected sources confirm the affected component and the crash outcome but d...
CVE-2016-2318
GraphicsMagick 1.3.23 is affected by CVE-2016-2318, which can cause denial of service via a crafted SVG file due to segmentation faults in render SVG handling (DrawImage, SVGStartElement, TraceArcPath). Patches exist in downstream advisories: Debian/DSA-3746 fixes to GraphicsMagick (e.g., 1.3.20-...
CVE-2015-8808
CVE-2015-8808 affects GraphicsMagick (GIF decoding path). The DecodeImage function in coders/gif.c can trigger an out-of-bounds read on crafted GIFs, leading to denial of service via uninitialized memory access. The issue is tied to the GIF parser in GraphicsMagick 1.3.18 and has been addressed i...
CVE-2014-9844
CVE-2014-9844 affects ImageMagick 6.8.9.9, where the ReadRLEImage function in coders/rle.c is vulnerable. A crafted image file can trigger an out-of-bounds read, enabling a remote denial of service. The vulnerability is tied to processing of RLE-encoded data within ImageMagick. The provided conne...
CVE-2013-3709
CVE-2013-3709 affects WebYaST 1.3 where the config/initializers/secret_token.rb file has weak permissions, allowing a local attacker to read the Rails secret token and potentially forge session cookies. SUSE/openSUSE advisories (openSUSE-SU-2013:1952/1954/1961) patch this by making secret_token.r...
CVE-2017-14807
CVE-2017-14807 is an SQL injection vulnerability in SUSE Studio onsite susestudio-ui-server (affected: version 1.3.17-56.6.3 and prior). The issue is described as Improper Neutralization of Special Elements used in an SQL Command, enabling remote attackers with admin privileges in Studio to alter...
CVE-2017-14806
CVE-2017-14806 concerns an Improper Certificate Validation in SUSE Studio onsite’s susestudio-common, affecting version 1.3.17-56.6.3 and earlier. The vulnerability could allow remote attackers to perform MITM on repository connections, enabling modification of delivered packages. Connected docum...
CVE-2011-0467
CVE-2011-0467 affects SUSE Studio Onsite and SUSE Studio Onsite Appliance. The issue is a SQL injection vulnerability in the listing of available software, exploitable by authenticated users. Affected releases: SUSE Studio Onsite prior to 1.0.3-0.18.1 and SUSE Studio Onsite 1.1 Appliance prior to...
CVE-2011-4195
CVE-2011-4195 affects kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1. An attacker can execute arbitrary commands via shell metacharacters in an image name. Impact: arbitrary command execution with network-accessible cont...
CVE-2013-3712
CVE-2013-3712 affects SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3, which use static secret tokens. The material states the impact and attack vectors as unspecified in the description; no concrete exploitation details, affected component versions, root cause sp...
CVE-2011-3180
Kiwi before 4.98.08, used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown. Root cause: untrusted path handling in Kiwi leads to ...
CVE-2011-4193
CVE-2011-4193 describes a Cross-site scripting (XSS) flaw in the overlay files tab of SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1. The vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted application, related to...
CVE-2011-4192
CVE-2011-4192 affects kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1. The issue allows attackers to execute arbitrary commands, demonstrated by "double quotes in kiwi_oemtitle of .profile." The connected documents corrobo...