Marcus Schafer

marcus_schafer

11 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (11)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2011-2652 2Marcus Schafer Novell 2Kiwi Suse Studio Onsite Apr 29, 2026 Aug 23, 2011 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted archive file list that is used in an o...Show more Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted archive file list that is used in an overlay file.Show less
CVE-2011-2651 2Marcus Schafer Novell 2Kiwi Suse Studio Onsite Apr 29, 2026 Aug 23, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Unspecified vulnerability in the file browser in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename.
CVE-2011-2650 2Marcus Schafer Novell 2Kiwi Suse Studio Onsite Apr 29, 2026 Aug 23, 2011 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted pattern name that is included in an RP...Show more Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted pattern name that is included in an RPM info display.Show less
CVE-2011-2649 2Marcus Schafer Novell 2Kiwi Suse Studio Onsite Apr 29, 2026 Aug 23, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to execute arbitrary commands via shell metacharacters in an unspecified FileUtils function call.
CVE-2011-2648 2Marcus Schafer Novell 2Kiwi Suse Studio Onsite Apr 29, 2026 Aug 23, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a filter in a modified file.
CVE-2011-2647 2Marcus Schafer Novell 2Kiwi Suse Studio Onsite Apr 29, 2026 Aug 23, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted archive name in the list of testdrive modified files.
CVE-2011-2646 2Marcus Schafer Novell 2Kiwi Suse Studio Onsite Apr 29, 2026 Aug 23, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename in the list of testdrive modified files.
CVE-2011-2645 2Marcus Schafer Novell 2Kiwi Suse Studio Onsite Apr 29, 2026 Aug 23, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename for a custom RPM.
CVE-2011-2644 2Marcus Schafer Novell 2Kiwi Suse Studio Onsite Apr 29, 2026 Aug 23, 2011 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an RPM info disp...Show more Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an RPM info display.Show less
CVE-2011-2226 2Marcus Schafer Novell 2Kiwi Suse Studio Onsite Apr 29, 2026 Aug 23, 2011 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a pattern listin...Show more Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a pattern listing.Show less
CVE-2011-2225 2Marcus Schafer Novell 2Kiwi Suse Studio Onsite Apr 29, 2026 Aug 23, 2011 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to have an unknown impact via a crafted directory pathname that is inserted into config.sh.