258371
|
- |
|
bzip
|
bzip2
|
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by prec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4089
|
2014-04-17 23:15 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258372
|
- |
|
suse
|
studio_extension_for_system_z studio_onsite
|
Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4193
|
2014-04-17 23:04 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258373
|
- |
|
suse
|
kiwi studio_extension_for_system_z studio_onsite
|
kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double q…
|
NVD-CWE-Other
|
CVE-2011-4192
|
2014-04-17 22:53 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258374
|
- |
|
suse
|
kiwi studio_extension_for_system_z studio_onsite
|
Per: https://cwe.mitre.org/data/definitions/77.html
"CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')"
|
NVD-CWE-Other
|
CVE-2011-4192
|
2014-04-17 22:53 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258375
|
- |
|
suse
|
kiwi studio_extension_for_system_z studio_onsite
|
kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in…
|
NVD-CWE-Other
|
CVE-2011-3180
|
2014-04-17 22:36 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258376
|
- |
|
suse
|
kiwi studio_extension_for_system_z studio_onsite
|
Per: https://cwe.mitre.org/data/definitions/77.html
"CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')"
|
NVD-CWE-Other
|
CVE-2011-3180
|
2014-04-17 22:36 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258377
|
- |
|
oracle
|
supply_chain_products_suite
|
Unspecified vulnerability in the Oracle Agile Product Lifecycle component in Oracle Supply Chain Products Suite 6.1.0.3 and 6.1.1.3 allows remote attackers to affect integrity via unknown vectors rel…
|
NVD-CWE-noinfo
|
CVE-2014-2458
|
2014-04-17 03:34 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258378
|
- |
|
oracle
|
supply_chain_products_suite
|
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, 6.2, 6.3, 6.3.1, 6.3.2, and 6.3.3 allows remote attackers to affect…
|
NVD-CWE-noinfo
|
CVE-2014-2461
|
2014-04-17 03:34 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258379
|
- |
|
oracle
|
supply_chain_products_suite
|
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, 6.2, 6.3, 6.3.1, 6.3.2, and 6.3.3 allows remote authenticated users…
|
NVD-CWE-noinfo
|
CVE-2014-2460
|
2014-04-17 03:33 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258380
|
- |
|
oracle
|
supply_chain_products_suite
|
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.3.2 and 6.3.3 allows local users to affect confidentiality, integrity, and availabi…
|
NVD-CWE-noinfo
|
CVE-2014-2459
|
2014-04-17 03:31 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|