ReportizFlow
Filtered by vendor Novell
Subscriptions
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-3173 | 1 Novell | 1 Iprint Open Enterprise Server 2 | 2025-04-11 | N/A |
| Stack-based buffer overflow in the GetDriverSettings function in nipplib.dll in the iPrint client in Novell Open Enterprise Server 2 (aka OES2) SP3 allows remote attackers to execute arbitrary code via a long (1) hostname or (2) port field. | ||||
| CVE-2011-2653 | 1 Novell | 1 Zenworks Asset Management | 2025-04-11 | N/A |
| Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file. | ||||
| CVE-2011-2658 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote attackers to execute arbitrary code by leveraging unspecified mscomct2 flaws. | ||||
| CVE-2007-6735 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session. | ||||
| CVE-2011-2219 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2218. | ||||
| CVE-2011-2220 | 1 Novell | 2 File Reporter, File Reporter Engine | 2025-04-11 | N/A |
| Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element. | ||||
| CVE-2011-2221 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2025-04-11 | N/A |
| The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to bypass WebAdmin authentication and obtain sensitive GroupWise information via unspecified vectors. | ||||
| CVE-2011-2222 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2025-04-11 | N/A |
| Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vectors. | ||||
| CVE-2011-2223 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2025-04-11 | N/A |
| The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
| CVE-2011-2224 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2025-04-11 | N/A |
| The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors. | ||||
| CVE-2011-2226 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a pattern listing. | ||||
| CVE-2011-3174 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter. | ||||
| CVE-2011-3175 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request. | ||||
| CVE-2011-4187 | 2 Microsoft, Novell | 2 Windows, Iprint | 2025-04-11 | N/A |
| Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173. | ||||
| CVE-2011-4188 | 1 Novell | 1 Imanager | 2025-04-11 | N/A |
| Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929. | ||||
| CVE-2011-4191 | 1 Novell | 1 Netware | 2025-04-11 | N/A |
| Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets. | ||||
| CVE-2013-1379 | 8 Adobe, Apple, Google and 5 more | 10 Adobe Air, Adobe Air Sdk, Flash Player and 7 more | 2025-04-11 | N/A |
| Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 do not properly initialize pointer arrays, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2009-4878 | 1 Novell | 1 Access Manager | 2025-04-11 | N/A |
| Unspecified vulnerability in the Administration Console in Novell Access Manager before 3.1 SP1 allows attackers to access system files via unknown attack vectors. | ||||
| CVE-2009-4879 | 1 Novell | 1 Access Manager | 2025-04-11 | N/A |
| The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions. | ||||
| CVE-2010-4711 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command. | ||||