Filtered by vendor Novell
Subscriptions
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3862 | 1 Novell | 1 Edirectory | 2026-04-23 | N/A |
| The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value. | ||||
| CVE-2007-3570 | 1 Novell | 1 Access Manager | 2026-04-23 | N/A |
| The Linux Access Gateway in Novell Access Manager before 3.0 SP1 Release Candidate 1 (RC1) allows remote attackers to bypass unspecified security controls via Fullwidth/Halfwidth Unicode encoded data in a HTTP POST request. | ||||
| CVE-2009-1636 | 1 Novell | 1 Groupwise | 2026-04-23 | N/A |
| Multiple buffer overflows in the Internet Agent (aka GWIA) component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to execute arbitrary code via (1) a crafted e-mail address in an SMTP session or (2) an SMTP command. | ||||
| CVE-2009-2457 | 1 Novell | 1 Edirectory | 2026-04-23 | N/A |
| The DS\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (crash) via a malformed bind LDAP packet. | ||||
| CVE-2008-2704 | 1 Novell | 1 Groupwise Messenger | 2026-04-23 | N/A |
| Novell GroupWise Messenger (GWIM) before 2.0.3 Hot Patch 1 allows remote attackers to cause a denial of service (crash) via a long user ID, possibly involving a popup alert. NOTE: it is not clear whether this issue crosses privilege boundaries. | ||||
| CVE-2008-4636 | 3 Novell, Opensuse, Suse | 7 Linux Desktop, Open Enterprise Server, Opensuse and 4 more | 2026-04-23 | N/A |
| yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process. | ||||
| CVE-2009-0611 | 1 Novell | 1 Open Enterprise Server | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in qfsearch/AdminServlet in QuickFinder Server in Novell Open Enterprise Server 1.x allow remote attackers to inject arbitrary web script or HTML via (1) the siteloc parameter in a displayaddsite action, the site parameter in a (2) generalproperties or (3) clusterserviceproperties action, (4) the adminurl parameter in a global action, or (5) the print-list parameter. | ||||
| CVE-2009-1569 | 1 Novell | 1 Iprint | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time. | ||||
| CVE-2007-3200 | 1 Novell | 1 Modular Authentication Service | 2026-04-23 | N/A |
| NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2 and earlier on NetWare logs its invoking command line to NMASINST.LOG, which might allow local users to obtain the admin username and password by reading this file. | ||||
| CVE-2007-2923 | 1 Novell | 1 Extend Director | 2026-04-23 | N/A |
| The launch method in the LocalExec ActiveX control (LocalExec.ocx) in Novell exteNd Director 4.1 and Portal Services allows remote attackers to execute arbitrary commands. | ||||
| CVE-2006-5813 | 1 Novell | 1 Edirectory | 2026-04-23 | N/A |
| Unspecified vulnerability in Novell eDirectory 8.8 allows attackers to cause a denial of service, as demonstrated by vd_novell3.pm, a "Novell eDirectory 8.8 DoS." NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2008-6722 | 1 Novell | 1 Access Manager | 2026-04-23 | N/A |
| Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache. | ||||
| CVE-2008-4478 | 1 Novell | 1 Edirectory | 2026-04-23 | N/A |
| Multiple integer overflows in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.73 before 8.7.3.10 ftf1, allow remote attackers to execute arbitrary code via a crafted (1) Content-Length header in a SOAP request or (2) Netware Core Protocol opcode 0x0F message, which triggers a heap-based buffer overflow. | ||||
| CVE-2008-5073 | 1 Novell | 1 Zenworks Desktop Management | 2026-04-23 | N/A |
| Heap-based buffer overflow in an ActiveX control in Novell ZENworks Desktop Management 6.5 allows remote attackers to execute arbitrary code via a long argument to the CanUninstall method. | ||||
| CVE-2006-6761 | 1 Novell | 1 Netmail | 2026-04-23 | N/A |
| Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command. | ||||
| CVE-2007-5767 | 1 Novell | 1 Bordermanager | 2026-04-23 | N/A |
| Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 before Update 1.5 allows remote attackers to execute arbitrary code via a validation request in which the Novell tree name is not properly delimited with a wide-character backslash or NULL character. | ||||
| CVE-2008-2145 | 1 Novell | 1 Client | 2026-04-23 | N/A |
| Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the "forgotten password" dialog. | ||||
| CVE-2009-0895 | 1 Novell | 1 Edirectory | 2026-04-23 | N/A |
| Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow. | ||||
| CVE-2006-6425 | 1 Novell | 1 Netmail | 2026-04-23 | N/A |
| Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command. | ||||
| CVE-2009-1568 | 1 Novell | 1 Iprint Client | 2026-04-23 | N/A |
| Stack-based buffer overflow in ienipp.ocx in Novell iPrint Client 5.30, and possibly other versions before 5.32, allows remote attackers to execute arbitrary code via a long target-frame parameter. | ||||