Studio onsite
This hub aggregates every CVE we track for Studio onsite, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
23
CVEs tracked
7
Critical
7
High
2
In CISA KEV
Severity distribution
MEDIUM8HIGH7CRITICAL7LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Studio onsite.
- CVE-2017-14807SQL injection in ui-server/app/models/diary_entry.rb in SUSE Studio onsite8.1
- CVE-2017-14806Insecure handling of repodata and packages in SUSE Studio onlite3.7
- CVE-2011-0467SQL injection in SUSE studio via select parameter8.8
- CVE-2014-9846Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact.9.8
- CVE-2014-9845The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file.5.5
- CVE-2014-9844The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.5.5
- CVE-2014-9847The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact.9.8
- CVE-2016-2317Multiple buffer overflows in GraphicsMagick 1.3.23 allow remote attackers to cause a denial of service (crash) via a crafted SVG file, related to the (1) TracePoint function in magick/render.c, (2)...5.5
- CVE-2016-2318GraphicsMagick 1.3.23 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted SVG file, related to the (1) DrawImage function in magick/render.c, (2) SVGStartE...5.5
- CVE-2015-8808The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.5.5
- CVE-2016-5118The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.9.8
- CVE-2016-0718Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.9.8
- CVE-2015-1283Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service...6.8
- CVE-2014-7169GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or po...KEV9.8
- CVE-2014-6271GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment,...KEV9.8
Product normalization is registry-driven with AI assist and human review. How it works