Filtered by vendor Novell
Subscriptions
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-2653 | 1 Novell | 1 Zenworks Asset Management | 2025-04-11 | N/A |
| Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file. | ||||
| CVE-2013-4854 | 10 Fedoraproject, Freebsd, Hp and 7 more | 12 Fedora, Freebsd, Hp-ux and 9 more | 2025-04-11 | N/A |
| The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013. | ||||
| CVE-2010-0284 | 2 Microsoft, Novell | 2 Windows, Access Manager | 2025-04-11 | N/A |
| Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Access Manager 3.1 before 3.1.2-281 on Windows allows remote attackers to create arbitrary files with any contents, and consequently execute arbitrary code, via a .. (dot dot) in a parameter, aka ZDI-CAN-678. | ||||
| CVE-2005-4887 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords. | ||||
| CVE-2000-1245 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors. | ||||
| CVE-2013-2770 | 1 Novell | 2 Kanaka, Open Enterprise Server | 2025-04-11 | N/A |
| The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session, which allows man-in-the-middle attackers to spoof servers via an arbitrary certificate. | ||||
| CVE-2012-4957 | 1 Novell | 1 File Reporter | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record. | ||||
| CVE-2011-3179 | 1 Novell | 2 Groupwise Messenger, Messenger | 2025-04-11 | N/A |
| The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and Novell GroupWise Messenger 2.04 and earlier, allows remote attackers to read from arbitrary memory locations via a crafted command. | ||||
| CVE-2012-6534 | 1 Novell | 1 Sentinel Log Manager | 2025-04-11 | N/A |
| Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results "Save Query As" "Save As Retention Policy" action. | ||||
| CVE-2013-1082 | 1 Novell | 1 Zenworks Mobile Management | 2025-04-11 | N/A |
| Directory traversal vulnerability in DUSAP.php in Novell ZENworks Mobile Management before 2.7.1 allows remote attackers to include and execute arbitrary local files via the language parameter. | ||||
| CVE-2010-3912 | 1 Novell | 1 Suse Linux | 2025-04-11 | N/A |
| The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors. | ||||
| CVE-2003-1596 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session. | ||||
| CVE-2011-3174 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter. | ||||
| CVE-2011-2658 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws. | ||||
| CVE-2011-2651 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2025-04-11 | N/A |
| Unspecified vulnerability in the file browser in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename. | ||||
| CVE-2003-1595 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors. | ||||
| CVE-2011-2650 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted pattern name that is included in an RPM info display. | ||||
| CVE-2011-2225 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2025-04-11 | N/A |
| Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to have an unknown impact via a crafted directory pathname that is inserted into config.sh. | ||||
| CVE-2011-0334 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file. | ||||
| CVE-2011-1696 | 1 Novell | 2 Identity Manager Roles Based Provisioning Module, Identity Manager User Application | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 692972. | ||||